Skip to content ↓ | Skip to navigation ↓

A global information services company has disclosed a malware attack that affected several of its applications and platforms.

On 6 May, global solutions provider Wolters Kluwer published a statement in which it confirmed that it was suffering network issues:

We are experiencing network and service interruptions affecting certain Wolters Kluwer platforms and applications. Out of an abundance of caution, we proactively took offline a number of other applications as we continue to investigate any impact. We apologize to our customers for the inconvenience and appreciate their patience.

The company followed up this initial disclosure by posting an update on Twitter a day later. In this piece of communication, Wolters Kluwer revealed that it had successfully restored the network and services for some of its affected systems. It also confirmed that it was still looking into the matter as part of an ongoing investigation.

That same day, the solutions provider updated its website statement by revealing that it had traced its network issues back to a malware attack. Wolters Kluwer explained that it responded by taking its affected systems offline to limit the spread of the malware. This action affected its communications channels and its initial ability to share updates.

The company apologized for this lack of responsiveness in its notice and provided additional details about what it had learned of the malware attack:

We have seen no evidence that customer data was taken or that there was a breach of confidentiality of that data. Also, there is no reason to believe that our customers have been infected through our platforms and applications. Our investigation is ongoing. We want to apologize for any inconvenience this may have caused.

This isn’t the first time that a solutions provider has suffered a malware attack. Back in August 2017, attackers abused the website of Ukraine-based accounting software developer Crystal Finance Millennium (CFM) to serve banking malware to unsuspecting users. This attack occurred just a few months after bad actors abused the update servers of Ukrainian firm MeDoc to distribute NotPetya.

Wolters Kluwer requested that its North American customers use a temporary number to contact it while it continues with its investigation. This number can be found here.