Equinix updates on containment of recent cyber security incident
Digital infrastructure provider Equinix Inc (NASDAQ:EQIX) has just posted its latest 10-Q report with the SEC, providing an update on its mitigation efforts regarding a cyber security incident that occurred in September.
The company confirms that, in September 2020, it discovered ransomware on certain of its internal systems, encrypting files and holding them for ransom. Equinix’s teams responded quickly to address the incident and notified law enforcement, and after a thorough review of the incident by its management and experts retained to assist in this incident, the investigation was closed as of October 14, 2020.
Equinix comments:
“Our IBX data centers and our service offerings, including managed services, remained fully operational during the attack and the incident did not affected our ability to support our customers. We further believe that we were able to contain the incident and that the resolution will prevent the release of any data associated with this attack”.
The company stresses that while the event has been resolved and has not caused a material disruption to Equinix’s systems nor resulted in any material costs, its team is also working to protect against any future attacks.
In terms of risks, Equinix warns that it will continue to face risks associated with unauthorized access to its computer systems, loss or destruction of data, computer viruses, ransomware, malware, distributed denial-of-service attacks or other malicious activities. These threats may result from human error, equipment failure or fraud or malice on the part of employees, vendors or third parties.
Because of the COVID-19 pandemic, many of Equinix’s non-IBX employees are working from home and could potentially be exposed to new security risks or attempted breaches because of these new work environments. A party who is able to compromise the security measures on Equinix’s networks or the security of its infrastructure could misappropriate either its proprietary information or the personal information of its customers or its employees, or cause interruptions or malfunctions in its operations or its customers’ operations.
“As we provide assurances to our customers that we provide a high level of security, such a compromise could be particularly harmful to our brand and reputation. We may be required to expend significant capital and resources to protect against such threats or to alleviate problems caused by breaches in security”, Equinix concedes.
On September 9, 2020, Equinix confirmed it was investigating a security incident it detected that involves ransomware on some of its internal systems. On September 17, 2020, Equinix said its mitigation efforts yielded full containment of the security incident.