Operational Updates

Update 5 November 2022 – 14:00 CET

On November 4, Field suffered a cyber-attack. The attack was a financially motivated ransomware attack.

Our cyber security taskforce, including support from Orange Cyberdefense acted immediately and quickly identified and isolated the attack.

Facts

• The attackers have not been able to access either file structure or download any data. We have verified that no data has been lost.

• We have temporarily taken some of our systems out of service, while complete investigation and error correction takes place.

• Affected customers and partners will not have access to log in and download data from our server service during this time.

• We expect that our services will return to normal operations during Monday 7 November.  

• The attack has been eliminated and poses no threat to customers or partners. We have verified our all our systems and are confident the attack has not spread to other parts of our IT infrastructure.

“Safe deliveries to our customers is our number one priority and a critical part of our daily security work. In the past year our organization has put a lot of effort into our ISMS (Information Security Management System) and ISO27001 certification process. Without this focus, we would have been less equipped to deal with data attacks like this. Going forward will have an even greater focus on security and reducing potential vulnerabilities,” says Cato Vevatne, CEO at Field.

Update 4 November 2022 – 23:00 CET

Field was today subject to a cyber-attack on one of its servers. We immediately deployed our cyber task force and initiated mitigating actions. Our team is being supported by our external data security partners, Orange Cyberdefense. 

“We have discovered a cyber-attack on Field. We immediately deployed our cyber security task force according to our Information Security Management System and initiated mitigating actions. The affected server were shut down and isolated, and we have verified that we have uncompromised backups in place. We have been supported by our external data security partners to neutralize and investigate the attack, and the breach has been reported to the authorities," says Cato Vevatne, CEO at Field. 

Based on our preliminary investigation we can confirm that the affected endpoint is a single server. The server is taken offline and isolated. The incident has caused us to take down parts of our IT infrastructure while we are safeguarding our systems for any additional vulnerabilities. While we are doing this, some of our customers will not be able to access their data, since the server is taken out of operation. 

Our priority is to ensure safe and uninterrupted operations for our customers. Our short-term production and ability to deliver to customers will be affected over the next few days, but 
Our goal is to resume normal operations ASAP during the coming days. 

Information regarding the cyber-attack will be continuously updated on https://field.group/insight/operational-updates