The company hit by a massive ransomware attack just before Fourth of July weekend said it has obtained a computer key to unlock the files of hundreds of companies.
Kaseya, an information technology company, said it got the universal decryptor key from a “trusted third party” and has validated that it works. Spokeswoman Dana Liedholm said Kaseya received the key Wednesday and has been working with customers to roll it out.
Liedholm declined to say whether Kaseya paid a ransom to obtain the key.
The hacking group behind the attack, called REvil, originally demanded $70 million to provide a universal decryptor key. But then the group disappeared online, leaving companies that may have wanted to pay a ransom high and dry.
Kaseya provides a software that allows companies to manage their computer systems, and it supplies that to managed service provider companies which in turn service tens of thousands of companies. The affected software spread to between 800 and 1,500 companies, Kaseya estimated. Those companies were then unable to access their files. Instead, they were prompted to pay a ransom to get a decryptor key that would return control to them. The ransom demands ranged from $45,000 for smaller companies up to $5 million for larger ones.
The attack hit a small town in Maryland, where staff were unable to use their computers or send out utility bills, and a large grocery store chain in Sweden, which had to temporarily close its hundreds of locations.
The ransomware attack was the latest in a string of high-profile attacks stemming mainly from organized groups of hackers based in Eastern Europe. The frequency and severity of such attacks have increased in the past two years, especially as hackers band together to make the attacks more lucrative.
Some experts conservatively estimate that hackers received $412 million in ransom payments just last year.
A high-profile attack against Colonial Pipeline in May caused panicked fuel buying and long lines at gas stations. Another attack, against meat supplier JBS, temporarily shut down meat plants across the U.S. The company eventually paid hackers $11 million to restore its systems.