365 Data Centers, a retail colocation provider, was recently named in a class action complaint filed in the United States District Court, District of Connecticut, whereby multiple plaintiffs allege claims against 365 Data Centers Services, LLC, for negligence, breach of contract, and unjust enrichment, based upon the company’s “failure to secure its systems and data from cyberattacks, including ransomware attacks, failure to properly secure and manage backup data for its clients and their customers, and failure to properly segment its data security systems”.
To-date, only four plaintiffs have been named in the class action complaint against 365 Data Centers. However, the company serves more than 1,300 customers, hundreds of which were gained through 365 Data Centers’ prior acquisition of Atlantic Metro, meaning that many more customers may have been impacted by the ransomware attack and subsequent outage.
Per the class action complaint, according to an individual who allegedly works at 365, the ransomware attack resulted from a “combination of an exploit and poor security practice”. While the source of the hack has not yet been identified, more details should be forthcoming from 365 Data Centers, as the case remains open in the Connecticut District Court.
Ransomware Attack – 365 Data Centers
According to the class action complaint, on May 14, 2022, 365 Data Centers “suffered a ransomware attack that caused the shutdown of their entire cloud network and loss of its clients’ data and critical infrastructure”. Customers of 365 “could not access their websites, customer portals, and other critical information technology infrastructure supported by 365’s network systems”.
Furthermore, the ransomware attack permanently prevented access to 365 Data Centers’ cloud infrastructure, with the company contending that the entire infrastructure must be rebuilt.
As a result, the plaintiffs allege that the “ransomware attack and its consequences have prevented and will continue to prevent 365’s clients, and the customers of those clients, from conducting any type of routine and ordinary business”. As such, the plaintiffs state that this ransomware attack has caused “significant business interruption and disruption and lost revenues”.
Following the ransomware attack, 365 Data Centers’ website, including its customer portal, went down and services to its customers were halted. Specifically, the website 365datacenters.com was no longer functional and was replaced by a new website temp.365datacenters.com. However, as of today, Dgtl Infra notes that 365datacenters.com appears to be working again.
E-Mail from VP, Customer Service of 365 Data Centers
On May 24, 2022, 365 Data Centers’ Vice President of Customer Service, Tom Walsh, sent an email to the company’s clients stating: “As of this update, we continue our efforts to clear all obstacles to enable us to initiate the restoration process but have not yet reached that point”.
E-Mail from CEO and CTO of 365 Data Centers
Subsequently, on May 25, 2022, a plaintiff received an e-mail from 365 Data Centers, signed by the company’s CEO, Bob DeSantis, and CTO, James Cornman stating the following:
Thank you for your patience over the past 10 days while we worked to regain access to the impacted cloud management systems and to restore your services following the security incident of May 14th, 2022.
We are now able to confirm that the May 14th security incident was a ransomware attack. We are also able to confirm that neither 365 Data Centers nor our customers were the target of this attack. The intended target was a third party whose data is stored in a dedicated environment on our cloud platform. Unfortunately, for our valued customers and 365 Data Centers, the cyber-attacker broadened the ransomware attack.
While our investigation continues, an analysis and evaluation to date by our systems team and cybersecurity experts has revealed that, aside from the targeted third party, no data was taken from the 365 Data Centers cloud environment and there are no on-going threats in the environment.
We worked tirelessly in tandem with our experts and government authorities and positioned 365 Data Centers to initiate restoration. Unfortunately, the resolution of the third-party circumstances is not in our control and continues to prevent us from moving ahead in our recovery process.
While we continue to monitor the third party’s resolution of the cyber-attack, 365 Data Centers believes that at this point in time the prudent path forward is to rebuild the affected cloud platform. This will be conducted along with an all-out effort to retrieve all data within the existing cloud environment that can still be accessed.
Customers / Plaintiffs – Overview
365 Data Centers provides hybrid data center solutions to over 1,300 small- and mid-sized enterprises, telecommunications carriers, and cloud service providers. Through its 12 colocation facilities and 86 network points-of-presence (PoPs) across the United States, 365 offers colocation, network connectivity & IP, cloud, and managed services to its customers.
Below are further details on the four plaintiffs who brought the class action complaint against 365 Data Centers, resulting from the ransomware hack and subsequent outage:
- Bizbudding Inc: webservice provider that rents web space from 365 Data Centers, through its colocation servers, and uses that space to provide its webservices and support to ~180 customers. Notably, the company uses webspace rented from 365 to operate ~40% of its business
- Parisi Speed School: web-based business that offers a variety of educational seminars in five languages over the internet through four websites
- Core Wellness, LLC: operates a website which provides advice and a community for mothers, as well as hosts a podcast, using 365 Data Centers’ webspace and critical infrastructure
- PaleoMom.com: operates a website that sells e-books and online courses which cover the topic of biophysics
Notably, Parisi Speed School, Core Wellness, and PaleoMom.com all contract for their services from Bizbudding and thus are customers of one of 365 Data Centers’ clients. In turn, these customers rely on their ability to access and transact with the products and services provided by 365 Data Centers and ultimately suffered from the ransomware hack and subsequent outage.
365 Data Centers – Ownership
In October 2020, 365 Data Centers was acquired by Stonecourt Capital, a New York-based private equity firm. Stonecourt’s equity investments are primarily focused on logistics, food & beverage, renewables & sustainability, health & wellness, industrials, and twenty-first century infrastructure. As of December 31, 2021, Stonecourt had $398.8m of assets under management (AUM).