A sign that reads: “Coop Forum supermarket in Vastberga is closed due to IT disturbances, no prognosis as to when we will open again”, on a closed Coop supermarket store in the suburb of Vastberga, Stockholm, Sweden, Saturday July 3, 2021. Cybersecurity teams worked feverishly Sunday July 4, 2021, to stem the impact of the single biggest global ransomware attack on record, with some details emerging about how the Russia-linked gang responsible breached the company whose software was the conduit. The Swedish grocery chain Coop said most of its 800 stores would be closed for a second day Sunday because their cash register software supplier was crippled. (Jonas Ekstromer/TT via AP, File)

 

The software company targeted by a holiday weekend ransomware attack said between 800 and 1,500 small businesses managed by its customers were compromised.

Still, Kaseya says the cyberattack it experienced over the July 4th holiday weekend was never a threat and had no impact on critical infrastructure.

The Dublin-based company said Tuesday that it was alerted on July 2 to a potential attack by internal and external sources. It immediately shut down access to the software in question. The incident impacted about 50 Kaseya customers.

Many of Kaseya’s customers are managed service providers, using Kaseya’s technology to manage IT infrastructure for local and small businesses with less than 30 employees, such as dentists’ offices, small accounting offices and local restaurants. Of the approximately 800,000 to 1,000,000 local and small businesses that are managed by Kaseya’s customers, only about 800 to 1,500 have been compromised.

The hacked Kaseya tool, VSA, remotely maintains customer networks, automating security and other software updates. President Joe Biden said Saturday that he ordered a “deep dive” by U.S. intelligence into the attack and that the U.S. would respond if it determines the Kremlin is involved.

The company said that it’s working with various government agencies, including the FBI, CISA, Department of Homeland Security and the White House, as well as with computer incident response company FireEye Mandiant IR on the incident.

Copyright 2021 The Associated Press. All rights reserved.