On Monday I posted about a malware incident which caused Wolters Kluwer to take all their products offline. Last night I commented about a post on the Krebs on Security website which indicated that the author had noted suspicious write-able files on the Wolters Kluwer Tax & Accounting software Website last Friday.
Linda Gharib, Director, Marketing Communications & Media Legal and Regulatory U.S. of Public Relations at Wolters Kluwer provided the following statement regarding the Krebs posting:
Please be assured that at this time we see no evidence of correlation between the matter raised in the article you cited, and the incident we experienced and informed customers of this week. We will of course to continue to investigate this matter.
Note that we also have concerns about the article, which contains inaccuracies – here are some specific points:
- The site Krebs highlighted is a read only ftp site that serves as a download center for certain legacy tax forms. The bulk of its content is tax forms for the previous years.
- None of the data contains PII or is sensitive data.
- When Krebs contacted the Tax unit, the site was taken offline to carefully review the content. The intent is to continue to make the forms available, but ensure security protocols are met.
- As disclosed on May 7 to customers, we took offline many of our applications and are in the process of bringing them back up.
Since temporal correlation does not equal causation we need to give Wolters Kluwer the benefit of the doubt. I have every confidence that Wolters Kluwer executives will communicate all material information to their customers and their cyber-security teams as soon as they have completed they security analysis of the incident. To Wolters Kluwer’s credit — in recent years they have developed a track record of “doing the right thing” in regard to customer relations issues.
Good News: Their website now indicates that there is a temporary helpline and customer service email are back up: