Sopra Steria hit by cyber attack. IT services group suspected of falling victim to ransomware

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

Sopra Steria hit by cyber attack. IT services group suspected of falling victim to ransomware

European IT services group Sopra Steria has been hit by a cyber attack.

Which would be unfortunate for any business at the best of times, but is possibly even more galling for a firm like Sopra Steria which has a specialist cybersecurity branch which claims to help customers “protect sensitive information, and prevent costly data breaches.”

Naturally Sopra Steria’s corporate clients, some of whom rely upon the firm to operate their core business processes and IT systems, will be concerned and will have plenty of questions regarding the nature of the attack.

French media reports have claimed that the company has fallen foul of the Ryuk ransomware, but for now all Sopra Steria has confirmed in a terse official press release is that it has “detected” a “cyber attack” on its network:

Sopra Steria press release

A cyberattack has been detected on Sopra Steria’s IT network on the evening of 20th October.

Security measures have been implemented in order to contain risks.

The Group’s teams are working hard for a return to normal as quickly as possible and every effort has been made to ensure business continuity.

Sopra Steria is in close contact with its customers and partners, as well as the competent authorities.

Of course, it is confirmed that a ransomware attack lies at the heart of this security breach there will not only be questions about how quickly the firm will be able to get up and running again, but also whether sensitive data might have been exfiltrated during the hack.

Sign up to our free newsletter.
Security news, advice, and tips.

Although it might be easy for those unaffected to be bemused by the irony of a company like Sopra Steria being hit by ransomware, it’s really a reminder that any organisation could potentially fall victim to a determined attack.

All companies, big and small, need to be on their guard and put defences in place to reduce the chances of becoming the next victim.

We don’t know presently what the scale of the security breach is, or its precise nature, but it’s worth underlining that Sopra Steria is a casualty of cybercrime, and that our strongest anger should be directed at those who launched the attack in the first place.

Further reading: Sopra Steria confirms it has been hit by new strain of Ryuk ransomware, will take weeks to return to normal operations


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.