CompuCom, a US managed service provider (MSP), has suffered a cyberattack that caused it to close service and disconnect customers from its network to prevent the spread of the malware.
CompuCom is a subsidiary of The ODP Corporation (Office Depot/Office Max) that provides remote support, hardware, and software repair, and other IT services to companies in the US and abroad such as Target, Home Depot, Citibank, Wells Fargo, Truist Bank, and Lowe’s.
The attack vector
CompuCom suffered an outage following an attack on the weekend. Its customers were cut off from accessing the company’s customer portal which greeted customers with a simple error message: “An error occurred while processing your request.”
Soon after the attack, CompuCom began contacting customers telling them the company had been hit by malware.
BleepingComputer, though, managed to learn that CompuCom had disconnected their access to some customers to prevent further spread of the malware. One customer told BC that they had been detached from CompuCom’s Virtual Desktop Infrastructure to protect their data.
The company simply said to BC that they suffered a “malware incident” and that there was no evidence of the malware spreading to customers’ systems.
“Certain CompuCom information technology systems have been affected by a malware incident which is affecting some of the services that we provide to certain customers. Our investigation is in its early stages and remains ongoing. We have no indication at this time that our customers’ systems were directly impacted by the incident.”
CompuCom also said they engaged leading external security experts who began an investigation.
The company is restoring customer services and normal operations and promised to keep its customers updated.
Experts from BleepingComputer believe CompuCom has most certainly suffered a ransomware attack and threat actors have likely stolen unencrypted files.
This is a developing story.