Kaseya Details

    Organization Logo

    Kaseya

    Miami, Florida1000 employees • Technology

    https://www.kaseya.com/
    United States

    Industry

    Technology

    Security Incidents

    1

    Kaseya provides IT management and monitoring solutions for managed service providers (MSPs) and IT departments. Founded in 2000 by Gerald Blackie and Ferdinando Pascazio, Kaseya has grown to be a prominent player in the field with its comprehensive suite of products designed to streamline IT functions, enhance security, and improve productivity for businesses of all sizes. Over the years, the company has acquired several firms to broaden its portfolio, including companies like Unitrends, RapidFire Tools, and IT Glue.

    Notable products from Kaseya include its VSA (Virtual System Administrator) ...
    Show more

    Security Incidents

    Kaseya Breach of Mar 2021
    Severity Score
    High

    Type

    Unknown

    Summary

    On July 2, 2021, managed service providers (MSPs) and their customers were hit by a ransomware attack led by the REvil group, affecting over 1,000 companies. The attack exploited an authentication bypass vulnerability in Kaseya's Virtual System Administrator (VSA) software, distributing ransomware through the affected systems. As a result, Kaseya shut down its VSA cloud and SaaS servers and issued advisories to customers about the breach.

    Among the impacted companies was the Swedish supermarket chain Coop, which had to close almost 800 stores for nearly a week. The attackers demanded a $70 mi...
    Show more

    Severity

    The Kaseya VSA ransomware attack, executed by the REvil group on July 2, 2021, was a high-profile incident that leveraged a vulnerability in Kaseya's VSA software to distribute ransomware broadly across managed service providers (MSPs) and their customers. This led to widespread operational disruptions for more than 1,000 companies globally, including significant impacts on entities such as the Swedish supermarket chain Coop, which had to close 800 stores for almost a week.

    The attackers exploited an authentication bypass vulnerability in the VSA software to spread the malicious payload exten...
    Show more

    Impact

    The Kaseya VSA incident was a significant ransomware attack executed by the REvil group on July 2, 2021. The attack utilized an authentication bypass vulnerability in Kaseya’s remote monitoring and management software, leading to the spread of malicious payloads to over 1,000 managed service providers (MSPs) and their clients. Due to the incident, multiple systems and services were taken offline, including 800 stores of the Swedish supermarket chain Coop, which had to remain closed for a week.

    Although the attackers claimed to have encrypted over one million systems and demanded a $70 million...
    Show more