Netherlands-based Wolters Kluwer is a provider of professional information, software, and services for the healthcare, legal, financial and regulatory sectors. The company has customers in nearly every country around the world and last year it reported annual revenues of $4.8 billion.
The company started seeing what it described as “technical anomalies” on May 6. This triggered an investigation that led to the discovery of malware. One of the most impacted units of Wolters Kluwer appears to be CCH, which provides software and information services for accounting, tax, and audit workers. Many users have complained on social media about not being able to access CCH websites and cloud-stored tax data.
Wolters Kluwer released a public statement saying that, “On Monday, May 6, we started seeing technical anomalies in a number of our platforms and applications. We immediately started investigating and discovered the installation of malware. As a precaution, in parallel, we decided to take a broader range of platforms and applications offline. With this action, we aimed to quickly limit the impact this malware could have had, giving us the opportunity to investigate the issue with assistance from third-party forensics consultants and work on a solution. Unfortunately, this impacted our communication channels and limited our ability to share updates.”
On May 7, we were able to restore service to a number of applications and platforms.
We have seen no evidence that customer data was taken or that there was a breach of confidentiality of that data. Also, there is no reason to believe that our customers have been infected through our platforms and applications. Our investigation is ongoing. We want to apologize for any inconvenience this may have caused.”
Wolters Kluwer has not shared any information about the malware it detected on its systems. However, according to some reports, the incident involved MegaCortex, a piece of ransomware that has been increasingly used to target enterprises.
Wolters Kluwer says that it is working around the clock to restore services.