GCommerce Inc., provider of electronic messaging and commerce solutions for the vehicle aftermarket, experienced a ransomware incident on Jan. 27 in one of its five environments. GCommerce President and CEO, Steve Smith said that as a result of the incident, the company immediately quarantined the environment to ensure the safety of its customers and their data.
Upon learning of the incident, Gcommerce immediately contained the issue, commenced an investigation and has been working closely with external data privacy and forensic professionals that regularly analyze these types of incidents. The investigation is ongoing, but at this time, there is no evidence that any sensitive information was accessed, acquired or taken from Gcommerce’s systems, or those of its customers, as a result of the incident.
“From the outset we took this incident seriously, knowing that we are ultimately responsible to our customers, for our actions and for our results,” explained Smith.
“We have no evidence of any data being compromised,” said Smith. “We proceeded cautiously during the restoration process and added supplemental layers of security as well as virtual machines for redundancy.”
“No one wants to wake up and learn that their company was the target of a malware incident, but it’s an ongoing reality in today’s world,” said Smith. “However, our disaster recovery process did not go as planned or expected, and we are very sorry for the business interruption to our customers.”
Smith said the company has a plan in place to ensure the security of its customers and their data, as well as a virtualized disaster recovery plan that will minimize any down time in the event of a future incident.
“We are committed to learning from this incident, becoming a stronger provider to the industry, and sharing our experience to help others protect themselves from a similar event,” said Smith. “Character is revealed on our worst days, not our best, and we are grateful to our customers for allowing us to display our character.”