Book publisher Macmillan has been hit with what it describes as a “digital security incident”, with experts believing it could be ransomware.
The company’s staff have taken to social media to confirm that the incident has been hugely disruptive for its US side of the business, forcing the company to close its New York head office. Staff are also unable to access emails or files, and customers are unable to order from the company at the time of writing.
According to emails seen by Publishers Weekly, the publisher initially said that a portion of the company’s files had become encrypted and that it had taken all of its systems offline to prevent further compromise.
The company’s US sales team also confirmed that it was unable to process, receive, place, or ship orders as a result of the company-wide shut down of digital systems and physical offices.
However, the attack is affecting both US and UK arms of the company, IT Pro can confirm, after a member of staff said the press department was unable to be contacted due to all email and phone systems being down.
The staff member also said the company will most likely have resolved the incident by next week, but also perhaps even by Friday.
Macmillan originally told customers that it would shut down servers for just one day in an original email sent on Saturday 25 June, and that it is working with “third parties” to resolve the situation.
The attack on Macmillan Publishing does not appear to have been claimed by any major ransomware groups, following an examination of their victim blogs, but experts believe the evidence points to ransomware.
“Whilst, on the one hand, it is encouraging to see Macmillan responding proactively by taking systems offline, the damage has arguably already been done,” Trevor Dearing, director of critical infrastructure solutions at Illumio.
“It’s far safer for organisations to put in proactive protection before an attack happens. Restricting the movement of ransomware by closing unused and high-risk ports drastically reduces the impact of attacks like this one."
Macmillan staff speaking to IT Pro were unwilling to confirm whether the incident was ransomware, or whether any information had been lost or stolen as a result of the attack.
-
The unseen risk in Microsoft 365: disaster recoveryBusinesses that assume they’re covered for data backup could come unstuck in a time of crisis
-
Anthropic CEO Dario Amodei's prediction about AI in software development is nowhere nearly to becoming a realityNews In March, Anthropic CEO Dario Amodei claimed up to 90% of code would be written by AI within six months – his prediction hasn't quite come to fruition.
-
Prolific ransomware operator added to Europe’s Most Wanted list as US dangles $10 million rewardNews The US Department of Justice is offering a reward of up to $10 million for information leading to the arrest of Volodymyr Viktorovych Tymoshchuk, an alleged ransomware criminal.
-
Jaguar Land Rover “did the right thing” shutting down systems to thwart cyber attackNews The attack on Jaguar Land Rover highlights the growing attractiveness of the automotive sector
-
Ransomware attack on IT supplier disrupts hundreds of Swedish municipalitiesNews The attack on IT systems supplier Miljödata has impacted public sector services across the country
-
A notorious hacker group is ramping up cloud-based ransomware attacksNews The Storm-0501 threat group is refining its tactics, according to Microsoft, shifting away from traditional endpoint-based attacks and toward cloud-based ransomware.
-
Security researchers have just identified what could be the first ‘AI-powered’ ransomware strain – and it uses OpenAI’s gpt-oss-20b modelNews Using OpenAI's gpt-oss:20b model, ‘PromptLock’ generates malicious Lua scripts via the Ollama API.
-
Data I/O shuts down systems in wake of ransomware attack
News Regulatory filings by Data I/O suggest the costs of dealing with the attack could be significant
-
Average ransom payment doubles in a single quarterNews Targeted social engineering and data exfiltration have become the biggest tactics as three major ransomware groups dominate
-
BlackSuit ransomware gang taken down in latest law enforcement sting – but members have already formed a new groupNews The notorious gang has seen its servers taken down and bitcoin seized, but may have morphed into a new group called Chaos
