VFEmail Suffers Catastrophic Attack, All Data Lost
Kacy Zurkus | February 12, 2019
A major cyber-attack has hit email provider VFEmail in what the company is calling a "catastrophic attack," which has destroyed all data in the US, including backups. The company issued an alert via its website and social media accounts on February 11, 2019, warning, “At this time I am unsure of the status of existing mail for US users. If you have your own email client, DO NOT TRY TO MAKE IT WORK. If you reconnect your client to your new mailbox, all your local mail will be lost.” In an update, VFEmail owner Rick Romero wrote that new email was being delivered and that efforts were being made to recover what user data could be salvaged. Romero also noted that the malicious actor was last identified as firstname.lastname@example.org. In one tweet, VFEmail said, “Strangely, not all VMs shared the same authentication, but all were destroyed. This was more than a multi-password via ssh exploit, and there was no ransom. Just attack and destroy.” These types of attacks are rare and highly destructive. “The devastating attack on VFEmail is a strong reminder to enterprises that a single keystroke or attack can destroy thousands of workloads and take down a business," said Balaji Parimi, CEO, CloudKnox Security.