Lumen Technologies announced Monday it was impacted by two separate cybersecurity incidents, including a ransomware attack discovered last week.
Lumen, a communications and network services firm, said a malicious actor placed ransomware on a limited number of servers that support a segmented hosting service, according to a filing with the Securities and Exchange Commission.
The Monroe, Louisiana-based company said the ransomware is degrading the operation of a small number of its enterprise customers.
Lumen discovered a second incident where a sophisticated actor accessed part of the company’s IT systems, installed malware and stole data.
The company said it discovered the separate incident after installing enhanced security software.
Based on the ongoing investigation and currently known information, Lumen said it does not believe the incident will have a material impact on its financial results, operations or ability to serve customers.
The company has notified law enforcement and is working with outside firms to contain the incidents, according to the filing. It has begun business continuity efforts to restore functionality to its customers’ systems.
Lumen is still evaluating potential responses to the ransomware attack. In addition, the firm is evaluating whether any personally identifiable information or other sensitive information was stolen.
The company said it is working with multiple advisors, relevant authorities and customers to mitigate and assess the impact of the two incidents.
