Book publisher Macmillan has been hit with what it describes as a “digital security incident”, with experts believing it could be ransomware.
The company’s staff have taken to social media to confirm that the incident has been hugely disruptive for its US side of the business, forcing the company to close its New York head office. Staff are also unable to access emails or files, and customers are unable to order from the company at the time of writing.
According to emails seen by Publishers Weekly, the publisher initially said that a portion of the company’s files had become encrypted and that it had taken all of its systems offline to prevent further compromise.
The company’s US sales team also confirmed that it was unable to process, receive, place, or ship orders as a result of the company-wide shut down of digital systems and physical offices.
However, the attack is affecting both US and UK arms of the company, IT Pro can confirm, after a member of staff said the press department was unable to be contacted due to all email and phone systems being down.
The staff member also said the company will most likely have resolved the incident by next week, but also perhaps even by Friday.
Macmillan originally told customers that it would shut down servers for just one day in an original email sent on Saturday 25 June, and that it is working with “third parties” to resolve the situation.
The attack on Macmillan Publishing does not appear to have been claimed by any major ransomware groups, following an examination of their victim blogs, but experts believe the evidence points to ransomware.
“Whilst, on the one hand, it is encouraging to see Macmillan responding proactively by taking systems offline, the damage has arguably already been done,” Trevor Dearing, director of critical infrastructure solutions at Illumio.
“It’s far safer for organisations to put in proactive protection before an attack happens. Restricting the movement of ransomware by closing unused and high-risk ports drastically reduces the impact of attacks like this one."
Macmillan staff speaking to IT Pro were unwilling to confirm whether the incident was ransomware, or whether any information had been lost or stolen as a result of the attack.
-
Thousands of exposed civil servant passwords are up for grabs onlineNews While the password security failures are concerning, they pale in comparison to other nations
-
Global PC shipments surge in Q3 2025, fueled by AI and Windows 10 refresh cyclesNews The scramble ahead of the Windows 10 end of life date prompted a spike in sales
-
The number of ransomware groups rockets as new, smaller players emergeNews The good news is that the number of victims remains steady
-
Teens arrested over nursery chain Kido hacknews The ransom attack caused widespread shock when the hackers published children's personal data
-
NCA confirms arrest after airport cyber disruptionNews Disruption is easing across Europe following the ransomware incident
-
Cyber professionals are losing sleep over late night attacksNews Hackers are biding their time and launching attacks when businesses can’t respond
-
Prolific ransomware operator added to Europe’s Most Wanted list as US dangles $10 million rewardNews The US Department of Justice is offering a reward of up to $10 million for information leading to the arrest of Volodymyr Viktorovych Tymoshchuk, an alleged ransomware criminal.
-
Jaguar Land Rover “did the right thing” shutting down systems to thwart cyber attackNews The attack on Jaguar Land Rover highlights the growing attractiveness of the automotive sector
-
Ransomware attack on IT supplier disrupts hundreds of Swedish municipalitiesNews The attack on IT systems supplier Miljödata has impacted public sector services across the country
-
A notorious hacker group is ramping up cloud-based ransomware attacksNews The Storm-0501 threat group is refining its tactics, according to Microsoft, shifting away from traditional endpoint-based attacks and toward cloud-based ransomware.
