KrebsonSecurity reported that TTEC hit with ransomware attack teams servicing Bank of America, Verizon and others were unable to work
TTEC, a customer experience technology company based in the United States, has disclosed a “cybersecurity problem,” but employees have confirmed that it was affected by ransomware.
According to KrebsonSecurity, the corporation, which has roughly 61,000 employees and billions in annual revenue, issued a message to staff this week advising them not to click on a URL marked “!RA!G!N!A!R!” The statement suggests that the attack was carried either by the well-known Ragnar Locker ransomware organisation, or someone attempting to spoof them.
TTEC informed employees that the company was experiencing system disruptions and that it was working to remove the malicious “!RA!G!N!A!R!” file from its network.
TTEC corporate communications vice president Tim Blair would not confirm that the incident was caused by ransomware, but he did say that part of the company’s data was encrypted and that “business activities at various facilities have been momentarily impacted” in a statement to ZDNet.
Verizon, Best Buy, Dish Network, Bank of America, and Kaiser Permanente are just a few of the firms that TTEC works with.
A reader provided the internal message to KrebsonSecurity, who stated that the “widespread” system outage began on Sunday, September 12. Thousands of TTEC personnel working on accounts for Verizon, Kaiser Permanente, and Bank of America were unable to perform any duties as a result of the attack, according to the source, while many other customer care teams reported being unable to operate.
According to KnowBe4 security advocate James McQuiggan, ransomware groups often target enterprises with huge client bases that rely on services or a product, knowing that it will disrupt business and have a trickle-down effect on all customers.
The Ragnar Locker ransomware group has recently made headlines for their remarks against victims who call law enforcement or expert negotiators.
If victims ventured to call cybersecurity companies or law authorities, the gang warned on their darknet leaksite, it would destroy decryption keys and reveal all sensitive data stolen.
The gang has previously targeted large corporations in China, including Capcom, Campari, EDP, CD Projekt Red, and a number of shipping titans.