Devastating Cyberattack

Destroys 18 Years of Data

All data belonging to US users-including backup copies-have been deleted in catastrophe, VMEmail says.

An unknown attacker appears to have deleted 18 years' worth of customer emails, along with all backup copies of the data, at email provider VFEmail.

A note on the firm's website Tuesday described the attack, first reported by KrebsOnSecurity, as causing "catastrophic destruction."

"This person has destroyed all data in the US, both primary and backup systems. We are working to recover what data we can," the note read. VFEmail was established in 2001 and provides free and paid email services, including bulk email services in the US and elsewhere.

The attack, described in a series of tweets from the firm, seems to have occurred on Monday and had targeted all VFEmail's externally facing servers across data centers. Though the servers were running different operating systems and not all shared the same authentication, the attacker managed to access each one and reformat them all the same.

The firm apparently caught the perpetrator in the middle of formatting a VFEmail backup server hosted in the Netherlands. But by that time, the attacker had already managed to format all disks on every other VFEmail server. "Every VM is lost. Every file server is lost, every backup server is lost," according to one of the company's tweets.

The attacker sent no ransom notes and appears not to have made any attempt at contacting VFEmail. The motive seems to have been "just attack and destroy," the company said. 


With proper backups and cloud resources there is absolutely no excuses for what happened to this company.  It is truly sad to have seen this happen.  Hopefully they can leverage resources such as Backblaze, as my clients are advised too, to protect themselves in the future.


Would you like to know more...