Kaseya's Staff were fired for pointing out and/or trying to fix the security vulnerability, as early as 2017, that led to thousands of companies being hit with a ransomware attack recently.
"One former employee told Bloomberg that in 2019 he sent Kaseya higher-ups a 40-page memo outlining his security concerns, one of several attempts he made during his tenure to convince company leaders to address such issues.
"He was fired two weeks later, a decision he believes was related to these efforts, he said in an interview with the outlet."
Depending on the states where affected MSPs were located, I wonder if there is grounds for it?
Listen to this, also from the B article:
"After studying database log files, Weiss [an MSP owner in CA] said he proved to Kaseya that its software was the vector the hackers had used to target his company.
“They didn’t assign anyone to my account or even follow up to make sure everything was going OK,” he said. “I felt like I was on my own.” He subsequently terminated his contract with Kaseya."
It will be complex, but certainly can happen.
Kaseya supplied services and software to other companies, and such contracts always contain provisions about data protection and information security. If Kaseya customers choose to sue them for violation of contract, they have huge chances of winning.
@Theeo123 The paragraph which really leaped out at me from that article? The one about outsourcing to Belarus.
That part of the timeline meshes pretty well with the start of our organization seriously considering bailing on the product, which up to that point we'd loved and used for a dozen years or so.
I'm so, SO glad we jumped ship in 2019.
Server run by the main developers of the project It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!