Good afternoon —
A Friday ransomware attack on cloud-hosting and data security provider Cloudstar is the kind of event that keeps housing executives up at night.
Cloudstar has more than 42,000 users, including hundreds of title and settlement companies who are now cut off from their own data until the issue is solved. That could include their back-up data, if they use Cloudstar for that service as well.
A statement from the company says:
"On Friday, July 16, Cloudstar discovered it was the victim of a highly sophisticated ransomware attack. Due to the nature of this attack, at this time our systems are currently inaccessible, and although we are working around the clock, we do not have a definitive restoration timeline. Our Office 365 mail services, email encryption offering and some support services are still fully operational.
"Cloudstar has retained third-party forensics experts Tetra Defense to assist us in our recovery efforts and also informed law enforcement. Negotiations with the threat actor are ongoing."
The attack was expected to disrupt mortgage closings on Monday, but it's not known how many companies or individuals have been affected.
Cloudstar also provides cloud hosting for three origination platforms: Encompass 360, Calyx PointCentral and Byte Enterprise, but it's unclear whether lenders are seeing a disruption.
The attack is a further reminder that cyber attacks pose an existential threat to businesses of all kinds. Just last month, FinCEN highlighted ransomware as a "particularly acute cybercrime concern," including it in its issuance of the first government-wide priorities for anti-money laundering and countering the financing of terrorism policy. The organization will facilitate a FinCEN Exchange in August 2021 with representatives from industry and government agencies to discuss ongoing concerns regarding ransomware, as well as efforts by the public and private sectors.
Our reporters are working this story and we'll keep you updated as the ransomware situation progresses. In the meantime, let us know if your company has been impacted by this latest ransomware attack at editorial@housingwire.com.
Stay safe —
Sarah Wheeler
HousingWire Editor in Chief
EmoticonEmoticon