July 3, 2021

FBI Statement on Kaseya Ransomware Attack

Updated July 4, 2021: 

If you feel your systems have been compromised as a result of the Kaseya ransomware incident, we encourage you to employ all recommended mitigations, follow guidance from Kaseya and the Cybersecurity and Infrastructure Security Agency (CISA) to shut down your VSA servers immediately, and report your compromise to the FBI at ic3.gov. Please include as much information as possible to assist the FBI and CISA in determining prioritization for victim outreach. Due to the potential scale of this incident, the FBI and CISA may be unable to respond to each victim individually, but all information we receive will be useful in countering this threat.


Original statement:

The FBI is investigating this situation and working with Kaseya, in coordination with CISA, to conduct outreach to possibly impacted victims. We encourage all who might be affected to employ the recommended mitigations and for users to follow Kaseya's guidance to shut down VSA servers immediately. As always, we stand ready to assist any impacted entities.