Catalin Cimpanu reports:
GSS, the Spanish and Latin America division of Covisian, one of Europe’s largest customer care and call center providers, has suffered a debilitating ransomware attack that froze a large part of its IT systems and crippled call centers across its Spanish-speaking customerbase.
Call centers and automated customer support phone services for companies and government organizations in Spain and Latin America have been unreachable this week.
Read more on The Record.
DataBreaches.net had been in touch with Covisian about the breach and a chat log circulating on the internet that mentioned an $8.5 million ransom demand and that had a decrypted file in it that mentioned GrupoGSS. A spokesperson for Covisian responded:
The attack took place on Saturday, September 18th. It is a ransomware CONTI, whose main objective is the encryption of information.
The cyberattack, from a data protection point of view, has not affected any of our clients to date. As a preventive measure against the cyberattack and in order to guarantee data protection, the services that could be affected were interrupted. From last Saturday to today, there is no evidence of leakage of any personal data. From GSS we hope to restore interrupted services as soon as possible, as long as their security is guaranteed.
We are following each and every one of the steps of the security protocol to guarantee the recovery of the service with total security as soon as possible.
We hereby confirm that neither GSS nor Covisian have conducted negotiations of any kind with anyone regarding the cyberattack.
Additionally, GSS informs that, from the first moment, it contacted those responsible for Computer Crimes of the Guardia Civil to file a complaint about the attack suffered on 9/18/21 by the Conti ransomware. GSS also informs that the complaint will be presented next week, once the necessary technical reports are available, so that the Guardia Civil and the Judicial Authority can initiate the investigation. Furthermore, GSS has already communicated the attack suffered to INCIBE, the National Cybersecurity Institute.
So according to them, there have been no negotiations or any ransom discussions.