Recently, a large education systems company in the United States was hit by a wave of attacks from the Hive ransomware, which compromised more than 50 VMware virtual machines and encrypted thousands of files.
The hackers demanded $750,000 as ransom. The attack brought the company’s operations to a standstill for two to four weeks, causing significant damage to its databases, file servers, and blocking all files in the school system.
After trying to recover in several ways, the company reached out to Digital Recovery. Our team quickly identified the key points of the project and performed advanced diagnostics using a VM shipped in our dedicated cloud for the operation.
The result of the diagnostic gave us an optimistic view of the project, but there were specific technical challenges due to the mix of Linux and Windows machines, where Linux machines required more effort to recover.
With the customer’s permission, we started the recovery process. Although the business proposal was accepted, the customer still had concerns about the volume of data involved in the project. To allay his fears, we established a feedback system with daily intervals to inform him about the progress of the project.
The recovery project took approximately 30 days to complete. Our team was able to recover a good portion of the files encrypted by the ransomware and restore the Veeam backup present in the environment, partially solving the problem.
Being an education company, the fact that the attack occurred during the school vacation period gave us the time needed to recover what was possible before the critical period.
These days, even if a company is the victim of a ransomware attack the recovery of encrypted data is possible.
Digital Recovery has the experience and technologies to handle the most complex data loss scenarios following a ransomware attack. For this reason, don’t abandon your data, contact our team and start recovery now!