On 21 October, Sopra Steria announced it had detected a cyberattack the previous evening.
The virus has been identified: it is a new version of the Ryuk ransomware, previously unknown to antivirus software providers and security agencies.
Sopra Steria’s investigation teams immediately provided the competent authorities with all information required. The Group was able to quickly make this new version’s virus signature available to all antivirus software providers, in order for them to update their antivirus software.
Moreover, it has also been established that the cyberattack was only launched a few days before it was detected.
The security measures implemented immediately made it possible to contain the virus to only a limited part of the Group’s infrastructure and to protect its customers and partners.
At this stage, and following in-depth investigation, Sopra Steria has not identified any leaked data or damage caused to its customers’ information systems.
Having analysed the attack and established a remediation plan, the Group is starting to reboot its information system and operations progressively and securely, as of today.
It will take a few weeks for a return to normal across the Group.