Firms lose cloud access after Cetrom systems breach

By Ken Tysiac

Cloud services provider Cetrom has become the latest vendor to suffer a malware attack affecting systems used by CPA firms.

Cetrom became aware Friday that it was hit with a malicious virus and shut down all systems while working around the clock to resolve the issue, according to an official statement Cetrom posted to its website Thursday afternoon.

As of Thursday afternoon, Cetrom said, there was no indication that data had been stolen, and the company estimated that its clients’ systems would be operational by the end of the day Monday.

“We are currently working with a third-party forensic security company and law enforcement to ensure that all systems are safe and stable,” the company said.

Cetrom provides cloud services to CPA firms and associations and not-for-profits, and also provides Office 365 ProPlus hosting, according to its website. The company said the virus appears to be similar to the virus that hit CCH, Citrix, the city of Baltimore, and the Philadelphia court systems.

The CCH breach earlier this month lasted several days and was so disruptive that the IRS extended certain May 15 filing deadlines for CCH customers. Cetrom’s statement thanked customers for their understanding and patience.

“Our goal is to get systems back to clients as quickly as possible,” the company said. “To do this effectively, we must proceed with caution and be diligent in running manual scans on every server.”

Ken Tysiac (Kenneth.Tysiac@aicpa-cima.com) is the JofA’s editorial director.

SPONSORED REPORT

A new line of business to consider

Technology assessments may open the door to new engagement opportunities for your firm. What is a technology assessment? How do you perform one? JofA Tech Q&A author J. Carlton Collins shows you in a detailed explanation.

FEATURE

Maximizing the higher education tax credits

A counterintuitive strategy can save taxes by including otherwise excludable scholarships in gross income.