Cloud hosting and IT services provider Netgain was forced to take some of their data centers offline after suffering a ransomware attack in late November.
Netgain offers hosting and cloud IT solutions, including managed IT services and desktop-as-a-service environments, to companies in the healthcare and accounting industry.
In a series of emails sent to customers and seen by BleepingComputer, Netgain states that they were victims of a ransomware attack on November 24th, 2020.
On December 4th, customers began receiving emails from Netgain stating that they may experience “system outages or slowdowns” due to a cyberattack on the hosting provider.
“At this time, our incident response plan and containment efforts require us to take additional precautionary measures, as well as to install additional security software in response to this cyberattack. We expect that you will experience system outages or slowdowns today and in the coming days as we take these actions,” a December 4th email from Netgain explained to customers.
The next day, Netgain stated that they were forced to shut down their data centers to isolate and contain the ransomware attack.
“As you are aware, in response to the cybersecurity incident, we took protective measures to isolate and contain the threat, including taking a number of our data centers offline. Please know that we understand the impact this outage has on your business, and our team is working around the clock, 24-7 to contain this threat and restore services,” the December 5th email stated.
Today, a Netgain customer named Crystal Practice Management, who offers office management software solutions for optometrists and vision therapy professionals, emailed their customers to update them on the Netgain attack.
According to Crystal PM, thousands of Netgain servers were affected by the ransomware attack, and that Netgain is working around the clock trying to get their servers back online. Unfortunately, there is still no ETA when these servers will come back online.
BleepingComputer has contacted Netgain numerous times but has not received responses to our queries about this attack.
We have also not determined what ransomware operation attacked Netgain, and no threat actors have claimed responsibility.