Excis

Excis is an international information technology firm headquartered in the United Kingdom. The company provides IT services and solutions to clients on a global scale, operating across multiple countries and markets. Its core business involves managing and supporting critical information technology infrastructure for its customers. The firm's international footprint indicates a client base and operational reach that extends beyond its domestic UK market. As an IT services provider, Excis would have been responsible for the security, maintenance, and functionality of the technological systems under its management. The nature of its work places it within the competitive sector of outsourced IT support and managed services, serving corporate and organizational clients who rely on external expertise for their digital operations. The company's activities involve handling significant volumes of client data and maintaining access to sensitive corporate networks, which are inherent risks in the managed IT services industry.

In May 2020, Excis was the target of a significant cyberattack attributed to the Sekhmet ransomware group. The attackers claimed to have impacted the firm "very hard," asserting that the incident exposed substantial weaknesses in the company's IT management practices. The Sekhmet group alleged that Excis's professional standards were deficient, using this as a justification for the attack and a warning to others. The assault involved the encryption of data and the exfiltration of partial data archives from Excis's servers. The ransomware operators withheld decryption passwords pending a ransom payment, a common tactic to pressure victims into negotiation. Furthermore, the attackers explicitly threatened to escalate the breach by directly contacting Excis's clients to inform them that their data had been exposed on unprotected servers. This threat aimed to increase reputational and legal pressure on the firm by potentially violating client confidentiality and trust. The incident highlighted the severe consequences of a successful ransomware attack on a managed service provider, where a single breach can compromise numerous downstream clients. The public nature of the attack and the specific criticisms levied by Sekhmet brought external scrutiny to Excis's security posture and operational resilience during that period.