Netgain offers hosting and cloud IT solutions, including managed IT services and desktop-as-a-service environments, to companies in the healthcare and accounting industry. According to BleepingComputer, Netgain said that they were victims of a ransomware attack on November 24th, 2020.
Forced to take some of their data centers offline
On December 4th, customers began receiving emails from Netgain stating that they may experience “system outages or slowdowns” due to a cyberattack on the hosting provider. A Netgain customer named Crystal Practice Management, emailed their customers to update them on the Netgain attack.
According to Crystal PM, thousands of Netgain servers were affected by the ransomware attack, and that Netgain is working around the clock trying to get their servers back online. Unfortunately, there is still no ETA when these servers will come back online.
“At this time, our incident response plan and containment efforts require us to take additional precautionary measures, as well as to install additional security software in response to this cyberattack. We expect that you will experience system outages or slowdowns today and in the coming days as we take these actions,” a December 4th email from Netgain explained to customers.
Netgain sent an email to its customers on the December 5th, saying,
“As you are aware, in response to the cybersecurity incident, we took protective measures to isolate and contain the threat, including taking a number of our data centers offline. Please know that we understand the impact this outage has on your business, and our team is working around the clock, 24-7 to contain this threat and restore services.”
The next day, Netgain stated that they were forced to shut down their data centers to isolate and contain the ransomware attack. No threat actors have been determined for the ransomware attack on Netgain.