Epiq takes systems offline after ransomware attack
eDiscovery and managed services giant Epiq has taken its systems offline globally after being hit by a ransomware attack, but says so far there is no evidence of unauthorised transfer or misuse of data.
The New York-headquartered company has issued a statement confirming that it detected unauthorised activity on its systems on 29 February and is working with a third-party forensic firm to conduct an independent investigation. It has notified federal law enforcement authorities, who are involved in the investigation.
It adds: “At this time there is no evidence of any unauthorized transfer or misuse or exfiltration of any data in our possession.”
Epiq’s corporate website currently says that it is offline to perform maintenance.
Here is the statement in full and we will update you when we have more information:
On February 29, we detected unauthorized activity on our systems, which has been confirmed as a ransomware attack. As part of our comprehensive response plan, we immediately took our systems offline globally to contain the threat and began working with a third-party forensic firm to conduct an independent investigation.
Our technical team is working closely with world class third-party experts to address this matter, and bring our systems back online in a secure manner, as quickly as possible.
Federal law enforcement authorities have also been informed and are involved in the investigation.
As always, protecting client and employee information is a critical priority for the company. At this time there is no evidence of any unauthorized transfer or misuse or exfiltration of any data in our possession.
The Epiq platform extends to 14 countries, including more than 80 office locations, more than 5,000 employees and a dozen data centers across the globe. It was acquired in 2016 by OMERS Private Equity for around $1bn, and in 2017 merged with DTI – which was already majority-owned by OMERS – under the Epiq brand.