Kaseya issues on-premise patch and claims 95 per cent of SaaS customers are back online
Vendor had previously pushed back its server restart to add extra security
Kaseya has released its on-premise patch for customers impacted by a cyber attack on 2 July and said 95 per cent of its SaaS customers were also back online by 3am ET today.
The attack, which Russian-speaking ransomware group REvil claimed responsibility for, impacted only the company's customers with on-premise servers that use its VSA tool, Kaseya said, but its VSA SaaS servers were also shut down by the company following the breach.
Its servers were due to start coming back online overnight on Tuesday, but the release was stopped after an "issue" was discovered, with CEO Fred Voccola later explaining that Kaseya pushed it back to Sunday to add more security measures to its software.
"As posted in the previous update we released the patch to VSA on-premises customers and began deploying to our VSA SaaS infrastructure prior to the 4pm target," Kaseya said in its most recent update.
"The restoration of services is progressing, with 95 per cent of our SaaS customers live and the remaining servers coming online for the rest of our customers in the coming hours.
"Our support teams are working with VSA on-premises customers who have requested assistance with the patch. We will continue to post updates on the patch rollout progress and server status."
The vendor has published a runbook and help guide for its on-premise and SaaS customers to follow as its VSA offering comes back online.
It estimates that the attack impacted "approximately 50" of its own customers and "between 800 and 1,500" businesses across the world after its VSA module was compromised.
CEO Voccola apologised to customers last week following the server restart push back, stating that he was "very disappointed" and had "let the community down".
The Dutch Institute for Vulnerability Disclosure claims it identified seven vulnerabilities in Kaseya's software to the company back in April, and that one of those used in the attack had been highlighted. It also stressed that Kaseya was co-operative and "addressed some of them by releasing a patch" which was then followed by another patch soon after.
But the company has attracted criticism from cybersecurity bosses for the breach of its software, while it is now facing allegations that it previously ignored security concerns raised by members of staff, according to a report from Bloomberg.