Global IT services and solutions provider DXC Technology announced over the weekend a ransomware attack on systems from its Xchanging subsidiary.
Xchanging is known as a managed service provider for businesses in the insurance industry but its list of customers includes companies from other fields: financial services, aerospace and defense, automotive, education, consumer packaged goods, healthcare, manufacturing.
Several customers affected
DXC Technology notified its investors in an 8-K form filed with the U.S. Securities and Exchange Commission that Xchanging has detected a ransomware attack on some of its systems.
The company reported the incident on July 5, expressing confidence that it did not spread outside the Xchanging network. For the moment, the investigation did not reveal any indication of data being affected. It is unclear when the company detected the attack.
An undisclosed number of customers was impacted by the cyberattack, denying access to their operating environment, reads the notification from the company. Containment and remediation measures were deployed to resolve the situation.
In a statement to BleepingComputer, a company spokesperson said that the problem is isolated to a subset of the Xchanging business and that customer data was not compromised or lost.
Efforts to restore services to customers are ongoing and at the moment remediation work is being done for just a few of them.
“While the revenue from those impacted customers is not material to DXC financial position, we nevertheless take this situation very seriously and have already restored services as nearly all of them” – DXC Technology spokesperson
As is typically the case with such incidents, the company is working with law enforcement and authorities on the investigation. This is also why there are few details available at this time.
There is no information about the family of the file-encrypting malware used in the attack and BleepingComputer does not know of a ransomware gang claiming the attack.