Sangoma Technologies, a household name in the communications-as-a-service (CaaS) market, has confirmed it suffered a ransomware attack that led to a data breach.
On Christmas eve, Sangoma issued a press release announcing that, “as a result of a ransomware cyber attack on one of the Company’s servers, private and confidential data belonging to the Company was posted online yesterday.”
The PBX vendor summoned third-party cybersecurity experts and started an investigation to assess the extent of the damage, according to the announcement.
While some confidential data has been stolen and leaked in the attack, the company claims the attackers failed to get any customer information – or at least that there is no such evidence yet. On that same optimistic note, Sangoma also says operations are running smoothly, with no impact on products or services.
“There is no initial indication that customer accounts were compromised, nor that any Sangoma products or services were affected as a result of this breach,” according to the press release.
Later that day, the Conti ransomware gang took credit for the attack by publishing over 26 GB worth of Sangoma data on their data leak site.
The firm instructs customers to change the passwords associated with their Sangoma accounts “out of an abundance of caution.”
“We are committed to using all available measures to secure and protect our data, as well as the data of our customers, partners and employees,” said Bill Wignall, President and CEO of Sangoma. “We are working as quickly as we can to complete our investigation. As this work progresses, we plan to provide updates of factual, accurate information as it becomes available.”
Sangoma customers are told they can ask any questions by sending a message to firstname.lastname@example.org.