Cyber Incident Victim: JAS Worldwide
Date:
Aug 2024
Location:
United States of America
Summary
JAS Worldwide experienced a ransomware attack that disrupted operational systems and services, prompting immediate system security measures and an investigation assisted by external cybersecurity experts. The company restored its central operations system (C1) and primary customer portal (SmartHub) within days, while email and website communications remained unaffected throughout the incident. Most billing, payment systems, and data integrations with customers and vendors were recovered, though localized functionalities and backlogged requests required ongoing resolution. Contingency plans mitigated impacts on urgent needs in some regions, with contract logistics operations largely unaffected. Recovery efforts prioritized gradual restoration, additional security measures, and case-specific workarounds as the company approached full operational stability.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On August 27, 2024, JAS Worldwide experienced a cybersecurity incident involving ransomware that disrupted its operational capabilities and customer services. The company immediately secured its systems upon detecting the issue and launched an investigation with external cybersecurity experts. Initial impacts included widespread technical disruptions affecting core business functions, though the majority of its contract logistics operations and certain regional entities remained unaffected. JAS did not initially provide a restoration timeframe but confirmed round-the-clock recovery efforts. By August 28, localized contingency plans were activated in multiple countries to address urgent customer needs, while central systems remained offline. The company’s email and website infrastructure, unaffected by the attack, allowed continued communication with customers and vendors.
Recovery milestones began on August 30 with the restoration of C1, JAS’s central operations system, enabling worldwide operational readiness. By August 31, central systems were fully functional, backlogged customer requests were being processed, and the primary customer portal, JAS SmartHub, resumed operations. Additional functionalities were gradually reintroduced, with billing, payment systems, and data integrations restored for most customers by September 1. Local-specific system components required ongoing resolution, and security teams implemented enhanced monitoring to mitigate future risks. Throughout the incident, JAS maintained transparency via regular updates, emphasizing a methodical, phased restoration approach to ensure system stability. No data breaches or unauthorized access to communication platforms were reported during the recovery period.