SHI malware attack causes major disruption and forces staff offline

Digital generated image of electronic circuit security padlock made out of numbers on black background.
(Image credit: Getty Images)

IT supplier SHI has been struck by a “security incident”, causing major disruption to the company by forcing its staff offline.

In a statement on its website, the firm said it had become the victim of a “coordinated and professional malware attack” over the Fourth of July holiday weekend – but measures had been taken to limit the impact.

The company was keen to stress it had found no evidence that customer data or supply chain systems had been compromised.

“Thanks to the quick reactions of the security and IT teams at SHI, the incident was swiftly identified and measures were enacted to minimise the impact on SHI’s systems and operations,” the message read.

SHI is headquartered in Somerset, New Jersey, and specialises in providing technology products and services across the IT spectrum. Since its founding in 1989, it has grown to incorporate around 5,000 employees across offices in the US, UK, Canada, France, Hong Kong, and Singapore.

In the wake of this malware attack, the company said it took some systems offline while the attack was being investigated and the integrity of the systems assessed – that included the supplier’s public websites and email.


Solve cyber resilience challenges with storage solutions

Fundamental capabilities of cyber-resilient IT infrastructure


However, staff emails were restored by the morning of 6 July, with SHI’s IT teams continuing to work on bringing other systems back to full availability “in a secure and reliable manner”. At the time of writing, the company’s website was still down and showing the statement.

“Customers have full access to their account teams and specialists via both email and phone,” SHI clarified.

The IT supplier said it was continuing to investigate the incident and is liaising with federal bodies including the FBI and CISA – but stressed that it had seen no evidence that customer data had been compromised.

“There is no evidence to suggest that customer data was exfiltrated during the attack. No third-party systems in the SHI supply chain were affected,” it said. “SHI will keep customers informed as we return to business as usual.”

Daniel Todd

Dan is a freelance writer and regular contributor to ChannelPro, covering the latest news stories across the IT, technology, and channel landscapes. Topics regularly cover cloud technologies, cyber security, software and operating system guides, and the latest mergers and acquisitions.

A journalism graduate from Leeds Beckett University, he combines a passion for the written word with a keen interest in the latest technology and its influence in an increasingly connected world.

He started writing for ChannelPro back in 2016, focusing on a mixture of news and technology guides, before becoming a regular contributor to ITPro. Elsewhere, he has previously written news and features across a range of other topics, including sport, music, and general news.