CyrusOne has already hired specialists from one company security and works with law enforcement authorities to investigate the attack. It also uses backups to help them customers of recovering their lost data.
The ransomware attack took place yesterday and was caused by one version of ransomware REvil (Sodinokibi).
This is the ransomware that hit several managed service providers in June as well as many Texas local governments (over 20) and over 400 US dentists.
No CyrusOne representatives have commented on the incident publicly.
FIA Tech, a financial and brokerage firm, today informed its customers about cloud service disconnection from its data center provider. FIA Tech did not name the provider, but investigations indicate it is CyrusOne.
FIA Tech sent a message to its customers, which said: "The attack was focused on disrupting businesses in an attempt to get ransom from our data center provider."
Information reports that ransomware attack has not affected all data centers by CyrusOne. However, restoring servers and recovering customer data will take time to complete. CyrusOne says that does not intend to pay ransom.
The company has 45 data centers in Europe, Asia and America and has more than 1.000 customers.
Earlier, he climbed on VirusTotal a copy of the executable ransomware that infected the CyrusOne network.