Scope Systems confirms cyber incident, says no data loss occurred

“In the early hours of Tuesday, 5 May, we became aware of disruption to our services, which appear[s] to be the result of a cyber incident,” CEO Mark Bogos said.

“External forensics are investigating the incident that is currently preventing customer access to Pronto Xi hosted on the Scope Systems Cloud, our support portal, and Scope Systems hosted services, including APIs.

“The external forensics team is in place and working to determine if any data has been compromised, and how long it may take to resolve the issue. Our customers have been contacted directly and will continue to be updated via our website whilst we resolve the situation.

“We deeply regret this situation and are doing everything we can to resolve the issue and provide information on any impacts our customers should expect.”

The company continued to provide daily updates, confirming on 9 May that no data loss took place and that it had not identified any cases of data exfiltration from client systems. It also announced that restoration through backups had begun.

In its most recent statement on 12 May, Scope Systems said it had restored 53 per cent of its servers from backups.

VIEW ALL

“We are advising customers when we are close to restoring their systems, to arrange for them to validate the data as a final step. Details on the date of backups used to restore services are also being provided at that point, to help customers identify the period of entries that need to be manually added to their restored systems,” it said.

The threat actor behind the incident has not yet been identified, nor have Cyber Daily observed any claims of responsibility.

Scope Systems has not shared the nature of the incident, but said it will share findings of the incident once the investigation is completed.

“As soon as we are able, we will share our findings on how the threat actor was able to access our system, and what we have done to address the risk of further incursions,” it said.