Cyber Incident Victim: AddComm
Date: May 2024
Location: Netherlands
Summary
AddComm experienced a ransomware attack in which cybercriminals gained unauthorized access to customer data, encrypted internal systems, and exfiltrated information, resulting in prolonged service disruptions. The organization engaged external cybersecurity experts to restore operations and conduct forensic investigations, which confirmed that the attackers no longer have system access. While the specifics of the compromised customer data remain undetermined, the breach did not impact clients' own systems. Legal authorities are being notified as part of the ongoing response to the incident.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |

| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
AddComm experienced a ransomware attack between May 5 and May 17, 2024, with the intrusion culminating in system encryption on May 17 that alerted the organization to the breach. Cybercriminals gained unauthorized access to customer data, encrypted internal systems, and exfiltrated information during the two-week compromise period. The attack rendered AddComm's systems inoperable for multiple days, preventing customer access to services. Upon detecting the encryption activity on May 17, AddComm immediately engaged external cybersecurity experts to conduct forensic analysis alongside their internal IT team. Restoration efforts prioritized security, with systems gradually returning to operation and customers being reconnected through controlled reactivation procedures.

The confirmed impacts included temporary service disruption, theft of unspecified customer information, and system unavailability lasting several days. AddComm initiated a police report following the incident but could not specify which customers or datasets were affected by the theft. The attackers were successfully expelled from the systems, and there is no evidence that the compromise spread to customer-owned infrastructure. Forensic work continues to investigate the attack vector and the full scope of the data exposure. AddComm established a dedicated customer inquiry channel ([email protected]) while publicly acknowledging the incident and apologizing for operational disruptions. No ransom payment details or attacker identities were disclosed in available information.
