The world’s largest publishing company, Macmillan, was forced to shut down its offices and network as they dealt with a security event that could have been a ransomware attack. The corporation locked down all of its IT systems to stop the assault from spreading after it apparently happened during the weekend, on Saturday, June 25.
When Publishers Weekly saw emails from Macmillan stating they had experienced a “security incident, which involves the encryption of certain files on our network,” they broke the story. The hack was a ransomware attack since encryption was used in it.
Since then, Macmillan editors have communicated the security problem with agents and customers in an unusually open manner, assuring them that they are not neglected but have lost access to their systems, emails, and files. Although Publishers Weekly reported that Macmillan’s field sales team had warned that the outage would delay the distribution of books, Macmillan has already started putting systems back online, and staff members can now access their email.
It is now unknown which ransomware group carried out the attack and whether any data was taken. In double-extortion attacks, ransomware associates frequently take the data before encrypting devices when they tell victims that the stolen material will be publicized if a ransom is not paid.
Within a few weeks, we’ll probably witness a ransomware operation post the stolen files on their data leak site if data was exfiltrated during the strike and a ransom is not paid. Macmillan has been emailed with questions regarding the current attack, but the publishing firm has not responded yet.