Software vendor Kaseya didn’t exactly have a good holiday weekend. On Monday, the IT solutions developer for managed service providers (MSPs) and enterprise clients announced that it had been the victim of a cyberattack on July 2. The attacks reportedly carried out a supply chain ransomware attack that leveraged a vulnerability in Kaseya’s VSA (Vector Signal Analysis) software and targeted multiple MSPs and their customers.
The multinational company, which is headquartered in Dublin, Ireland and has its U.S. operations based out of Miami, said in a statement that approximately 50 of its direct customers were breached in the attack, but in turn, hundreds and possibly as many as 1,500 businesses may have been compromised, as Kaseya’s customers in turn provide IT services to small businesses. Those include a diverse mix of businesses from restaurants to accounting firms to small retailers. Upwards of 40,000 organizations worldwide use at least one Kaseya software solution.
The attack has been described as reminiscent of the breach of SolarWinds, in which attackers managed to compromise a vendor’s software and then subsequently pushed a malicious updated to thousands of…
