Kaseya Details
Industry
Technology
Security Incidents
1
Kaseya provides IT management and monitoring solutions for managed service providers (MSPs) and IT departments. Founded in 2000 by Gerald Blackie and Ferdinando Pascazio, Kaseya has grown to be a prominent player in the field with its comprehensive suite of products designed to streamline IT functions, enhance security, and improve productivity for businesses of all sizes. Over the years, the company has acquired several firms to broaden its portfolio, including companies like Unitrends, RapidFire Tools, and IT Glue.
Notable products from Kaseya include its VSA (Virtual System Administrator) ...
Show more
Security Incidents
Kaseya Breach of Mar 2021
Among the impacted companies was the Swedish supermarket chain Coop, which had to close almost 800 stores for nearly a week. The attackers demanded a $70 mi...
Show more
The attackers exploited an authentication bypass vulnerability in the VSA software to spread the malicious payload exten...
Show more
Although the attackers claimed to have encrypted over one million systems and demanded a $70 million...
Show more
Severity Score
High
Type
UnknownSummary
On July 2, 2021, managed service providers (MSPs) and their customers were hit by a ransomware attack led by the REvil group, affecting over 1,000 companies. The attack exploited an authentication bypass vulnerability in Kaseya's Virtual System Administrator (VSA) software, distributing ransomware through the affected systems. As a result, Kaseya shut down its VSA cloud and SaaS servers and issued advisories to customers about the breach.Among the impacted companies was the Swedish supermarket chain Coop, which had to close almost 800 stores for nearly a week. The attackers demanded a $70 mi...
Show more
Severity
The Kaseya VSA ransomware attack, executed by the REvil group on July 2, 2021, was a high-profile incident that leveraged a vulnerability in Kaseya's VSA software to distribute ransomware broadly across managed service providers (MSPs) and their customers. This led to widespread operational disruptions for more than 1,000 companies globally, including significant impacts on entities such as the Swedish supermarket chain Coop, which had to close 800 stores for almost a week.The attackers exploited an authentication bypass vulnerability in the VSA software to spread the malicious payload exten...
Show more
Impact
The Kaseya VSA incident was a significant ransomware attack executed by the REvil group on July 2, 2021. The attack utilized an authentication bypass vulnerability in Kaseya’s remote monitoring and management software, leading to the spread of malicious payloads to over 1,000 managed service providers (MSPs) and their clients. Due to the incident, multiple systems and services were taken offline, including 800 stores of the Swedish supermarket chain Coop, which had to remain closed for a week.Although the attackers claimed to have encrypted over one million systems and demanded a $70 million...
Show more
KEEP YOUR ENVIRONMENT SECURE
Weak credentials are the leading cause of breaches. Beyond Identity can help.
See MFA exploits in action
Watch how adversaries exploit companies in quick videos