CommScope employees left in the dark after ransomware attack

CommScope employees say they haven't heard from executives in over a week about how the company is responding to a ransomware attack, which allowed hackers to steal reams of corporate and employee data from its systems.

The technology giant, which designs and builds network infrastructure products for companies, hospitals, schools and federal networks, recently admitted it was hit by a ransomware attack on March 27 after some of the company's stolen files subsequently appeared online.

A ransomware gang known as Vice Society claimed responsibility for the attack by posting the company's stolen data to its dark web leak site, which it uses to extort victims by threatening to publish internal files if a ransom demand isn't paid.

The stolen data contains troves of internal documents, technical drawings, internal corporate databases, invoices and corporate spending. Some of the data also includes employees' personal information.


Several CommScope employees told TechCrunch that their last communication from executives about the cyberattack was on April 18, saying the company was "continuing to work expeditiously to review and validate the data asserted to have been posted on the dark web."

"We believe any employee data involved in this incident would have been inadvertently stored outside our cloud-based human resources information systems," CommScope general counsel Justin Choi told employees in an email.

An email sent to employees a day earlier said the company said it does "not have evidence" to suggest employee data was involved.