Zero Day Variant Malware Communication

 13 July 2020

Dear Business Partner, Customers,

On Saturday 11 July 2020, our Information Security team detected unlawful activity, originating in our UK data centre, and discovered that some of our servers had been compromised by a Zero Day Variant Malware.

To ensure the integrity of our systems and network we took the decision to immediately shut down all windows critical servers.

The source of this infection was identified, and a pattern fix was provided by our Antivirus vendor, after which we began the patching and reinstating of the servers and all services were resumed within 48 hours. 

There was NO unauthorized access to data and NO loss of customer or partner data. The vast majority of systems were NOT infected, and we are able to reinstate services in a timely manner. For those few subsystems that were infected, we have taken the action to restore from backup and apply the same actions before reinstating the service, this process has taken a little longer due to the restoring process.

With all critical systems now fully reinstated, we are working with our Security teams and outside vendors to conduct a full after-action and root cause analysis. We are working with external security consultants on a full security audit and are also looking at all additional proactive measures we can put in place to strengthen our security and improve our resolution procedures and response times.

The incident does not affect our operations and our businesses and services have not been impacted. If you have any questions or concerns, please do not hesitate to get in touch.

Regards,

M ATA UR RAHIM

Director – Marketing Communications

muhammadata@idsmed.com

idsMED Group