Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah
-
@proteksupport said in Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah:
@scottalanmiller said in Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah:
So we heard from customers of Protek Support in Salt Lake City that the MSP has been hit with ransomware that has gone on to hit all of their clients as well. From what we understand, they are currently on four days of customers being without their files and they aren't cleaning them up yet. We would suspect that their internal systems have been hit and they are tied up dealing with that.
I don't know where you got such information from, but this is simply not true.
Are you actively cleaning up some customers but not all? Whats the status?
-
@Pete-S said in Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah:
@proteksupport said in Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah:
@scottalanmiller said in Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah:
So we heard from customers of Protek Support in Salt Lake City that the MSP has been hit with ransomware that has gone on to hit all of their clients as well. From what we understand, they are currently on four days of customers being without their files and they aren't cleaning them up yet. We would suspect that their internal systems have been hit and they are tied up dealing with that.
I don't know where you got such information from, but this is simply not true.
Threads need to be deleted asap. Or company info scrubbed. No need to have the name of the company in the thread actually in either case.
Actually its very important so that customers can discuss the issue together so that they are aware that they are not alone.
-
@proteksupport now is your chance to clear things up. Otherwise we have to assume the information posted in the OP at least as some basis in truth.
If a customer refused to have DR and backup services, literally nothing else needs to be said than "this was due to a customer decision".
If it's all false that's just as fine as well, but then we'd have to wonder why @scottalanmiller is supposedly being contacted with this claim.
@scottalanmiller are you able to shed any light on who the customer may be or otherwise help unfold this story?
-
@RojoLoco said in Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah:
@Reid-Cooper I would NEVER hire or even consider an MSP that paid a ransom. That means they are incapable or unwilling to make and test backups, so that's a hard no.
I've seen a situation where the ransomware ate most of the backups.
-
@EddieJennings said in Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah:
@RojoLoco said in Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah:
@Reid-Cooper I would NEVER hire or even consider an MSP that paid a ransom. That means they are incapable or unwilling to make and test backups, so that's a hard no.
I've seen a situation where the ransomware ate most of the backups.
Well that would be because their backups weren't actually protected.
-
@EddieJennings said in Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah:
@RojoLoco said in Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah:
@Reid-Cooper I would NEVER hire or even consider an MSP that paid a ransom. That means they are incapable or unwilling to make and test backups, so that's a hard no.
I've seen a situation where the ransomware ate most of the backups.
Can happen when not air gapped.
-
As with any company, be it Microsoft, IBM, Facebook, Verisign, Whoever.... We do not protect companies when we have credible knowledge of a company's failure, or on the other hand, accomplishments are reported.
In this case, we have first hand knowledge as reported by the OP.
Just as I reported, along with many major news outlets, Wells Fargo had an outage affecting a large number of their customers and all of their investors. I would not remove their name, nor the post just because they complain.
-
@pchiodo said in Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah:
As with any company, be it Microsoft, IBM, Facebook, Verisign, Whoever.... We do not protect companies when we have credible knowledge of a companies failure, or on the other hand, accomplishments are reported.
In this case, we have first hand knowledge as reported by the OP.
Just as I reported, along with many major news outlets, Wells Fargo had an outage affecting a large number of their customers and all of their investors. I would not remove their name, nor the post just because they complain.
TL:DR Shit happens, and when it should be public knowledge it will be public knowledge.
-
I think that if it was VPN, still bad practice to have VPN from MSP or any other systems that unprotected. MSPs should not need to have VPN to customers at all.
-
@dbeato said in Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah:
I think that if it was VPN, still bad practice to have VPN from MSP or any other systems that unprotected. MSPs should not need to have VPN to customers at all.
Absolutely. But unless someone has info that I do not, notnreason to assume the MSP here had one.
-
So I guess we're to assume that the lack of a response from @proteksupport means that something major is occurring with their client(s).
-
@DustinB3403 said in Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah:
So I guess we're to assume that the lack of a response from @proteksupport means that something major is occurring with their client(s).
To be fair, this place is fast. They are not likely used to forums moving this quickly.
-
@scottalanmiller said in Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah:
@DustinB3403 said in Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah:
So I guess we're to assume that the lack of a response from @proteksupport means that something major is occurring with their client(s).
To be fair, this place is fast. They are not likely used to forums moving this quickly.
Fast compared to SpiteWorks, sure I suppose.
-
@DustinB3403 said in Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah:
@scottalanmiller said in Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah:
@DustinB3403 said in Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah:
So I guess we're to assume that the lack of a response from @proteksupport means that something major is occurring with their client(s).
To be fair, this place is fast. They are not likely used to forums moving this quickly.
Fast compared to SpiteWorks, sure I suppose.
MMm it depends what you are talking about.
-
@dbeato said in Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah:
@DustinB3403 said in Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah:
@scottalanmiller said in Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah:
@DustinB3403 said in Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah:
So I guess we're to assume that the lack of a response from @proteksupport means that something major is occurring with their client(s).
To be fair, this place is fast. They are not likely used to forums moving this quickly.
Fast compared to SpiteWorks, sure I suppose.
MMm it depends what you are talking about.
Fast response times.
Not so fast deleting comments made by people that SpiteWorks thinks that they can make money off of.
-
@DustinB3403 said in Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah:
@dbeato said in Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah:
@DustinB3403 said in Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah:
@scottalanmiller said in Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah:
@DustinB3403 said in Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah:
So I guess we're to assume that the lack of a response from @proteksupport means that something major is occurring with their client(s).
To be fair, this place is fast. They are not likely used to forums moving this quickly.
Fast compared to SpiteWorks, sure I suppose.
MMm it depends what you are talking about.
Fast response times.
Not so fast deleting comments made by people that SpiteWorks thinks that they can make money off of.
That's a different story, very few of my posts are moderated but I try to do as fast responses as I can. I barely have time to post on both places
-
Is there a public news article about this MSP or has one of their clients contacted you @scottalanmiller
-
@StuartJordan said in Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah:
Is there a public news article about this MSP or has one of their clients contacted you @scottalanmiller
The latter based on the OP.
-
@StuartJordan said in Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah:
Is there a public news article about this MSP or has one of their clients contacted you @scottalanmiller
This IS the public news article
Yes, we know about it first hand.
-
@scottalanmiller thanks for clarifying, I just looked at the op again..
"So we heard from customers of Protek Support" - I was skimming I must admit.
It is interesting that we only talked about this yesterday or the day before about that reddit link I posted.
