iNSYNQ’s FAQ: “How did this happen?”
Question: “How did this happen?”
Answer: “…these kinds of things are now inevitable”.
I have to say that I truly appreciate the situation where a CEO has to write an email telling their entire customer base about a data breach. It’s one those, if not THE, worst nightmares that you could have.
When I was running my digital identity security firm, Janrain Inc. (now Akamai Technologies), it took some time before I slept well. We were managing consumer’s Personally Identifiable Information (PII), reaching over 1.7B digital identities worldwide for Global 1000 clients. Our clients relied on us to protect their most important assets – their consumers.
Yesterday, I received the email below from a customer of iNSYNQ. This customer is a close friend of mine who is running his SMB business. He decided to outsource to accounting-as-a-Service cloud provider, iNSYNQ:
To: Jim Kaskade
Subject: Fwd: Insynq Outage Update
Date: July 19, 2019 at 11:15:58 AM PDT
Hi Jim. Check this out…so you may recall that part of my vision has been to operate my business as much as possible in the cloud (i.e. run the business with an iPad). We’ve been successful, and it’s worked out pretty well…except for this (see below).
iNSYNQ is our quickbooks hosting company. They were attacked via malware/ransomware on Mon AM, and I have not been able to access my accounting system since Monday night. All of their clients are currently locked out.
The reference in the message below regarding no access to backup files is important because their system is set up to backup the QB files inside the hosted Windows environment that we log into. So, we cannot even access our backups, because they are locked up too…I think there’s a lesson here!!
Interestingly, this is the second time in about a year that this has happened to iNSYNQ. Maybe the bad guys left an artifact in their system which allowed it to happen again (or somebody clicked on a bad email…again)? I am assuming iNSYNQ is basically dead – my accountant is moving me and all of his other clients to a new provider. I am sure others will do the same.
Luckily, I had just finished payroll on Monday afternoon. So, I have only had to struggle through some manual tax and other payments. If this goes on long term, I could start over. However, I would lose the good time-based analytics (year over year comparisons, etc.).
That’s a powerful email representing the sentiment of iNSYNQ’s customer base.
I recently met with Cynthia James, Cybersecurity consultant, who spent 3 hours with me and 14 other prominent Silicon Valley CEOs, brushing up on our checklists for security. Then, coincidence had me enjoying breakfast with David Stelzl, another Cybersecurity consultant and author of The Smart Business Leader’s Guide to Stopping the Hacker. Both consultants were talking about the impact of breaches on SMBs – 60% go out of business within 6 months of a breach. Here is what iNSYNQ CEO, Elliot Luchansky, had to say to his customer base:
From: Elliot Luchansky
Date: Jul 19, 2019, 11:27 AM -0400
Subject: Insynq Outage Update
We are in a difficult situation but I want you to know that I wholeheartedly understand the fact that you’re in an even more difficult situation, because your business and your customers are impacted by this outage in such a big way. As a fellow business leader – one with clients that I genuinely consider to be our partners – events like this are incredibly frustrating. To say it’s devastating to be the victim of a cyberattack that has such a direct impact on your business, would be a wild understatement. It’s a very scary feeling, and I fully appreciate the feeling of helplessness, anger, and frustration you’re probably feeling right now.
We are taking extreme measures to get your data and environments back up and running extremely quickly. To manage expectations, it is unlikely that we will be able to accomplish this today. Although we cannot promise anything, we are taking aggressive steps that we hope may have you back up and running as early as early next week.
Understandably, there have been many requests for backups. I want to be very clear that we are not withholding data or backups, we simply cannot safely access them at this time. We’re still doing everything in our power to ensure that the backups are available to you once we have addressed the underlying problem. Our entire team is working diligently to protect and restore access to your impacted data, which we are targeting to have made major traction by early next week.
I also want to take an opportunity to answer some of the more frequently asked questions and requests that we’re getting from customers over the past couple days, and hopefully reduce some of the uncertainty you’re facing.
Q: How did this happen?
A: As you know, these sorts of attacks are happening to our government, to the largest and most sophisticated technology companies, along with companies in every industry throughout the economy. Unfortunately, these kinds of things are now inevitable. No system is 100% impervious to malware, and we collectively were the victims of an attack perpetrated by unknown malicious actors. We wish we had a quick-fix or a way to fully eliminate these risks. If we did, then obviously this kind of event would never happen.
Q: When will I be able to access my account?
A: At this time, we do not have a concrete timeline that we can standby 100% for when the system will become available. The iNSYNQ team is working with experts that specialize in this kind of cybersecurity to work with us and we are working as quickly as possible to restore access to impacted data. In the interest of not over-promising and under-delivering, we are resisting the temptation to provide an official timeline; however, we are absolutely accelerating the process in every way we can. We are operating as if every minute matters.
Q: How can I access my data/backups?
A: As stated above, we are not withholding any files from customers. Data and backups are currently inaccessible due to the malware attack. We turned off our servers as soon as soon as we identified that we were being attacked, and are currently working very closely with industry-leading experts that specialize in working through events like this, so that we are able to restore the access as quickly as we possibly can.
Q: Is my data safe?
A: We are doing what we can to ensure your data is safe. We contained the situation as soon as we became aware of it. There is no evidence to suggest that any of your files have been copied or stolen from the iNSYNQ environment. The issue at hand centers on being able to access your files that have been encrypted; it is not a matter of your data being stolen or copied.
We’ll continue to communicate as we have more information, and believe we’ll have more clarity early next week, if not over the weekend.