On the morning of January 15, 2015, an Infor employee received an email from a business contact with an attached zip file containing a virus which spreads itself by sending an email to the recipient’s entire contact list. The virus tried to spread itself and your organization may have received an email from an infected Infor contact. Upon discovery of the issue, Infor’s malware response plan was promptly activated.
The following are the results of Infor’s investigation and response to the incident:
- The virus was identified as relatively new and, at the time it was circulated, very few commercially available anti-malware systems could identify it (although many more identify it now).
- Infor immediately took the following actions to contain the outbreak and mitigate its effects:
• Affected individuals were directed to shut down their systems pending examination and disinfection by our IT staff.
• Infected messages on our SMTP server were deleted.
• An email was sent to all employees instructing them not to open the infected email or similar emails.
• The enterprise-wide email distribution reinforced the key security training point that unusual or unexpected attachments should not be opened.
• Infor notified our anti-malware vendors of the issue and provided an example for examination and to facilitate the publication of virus signature updates.
• As soon as signature updates were made available, Infor applied the updates to its anti-malware systems.
At this time, Infor believes that the incident was isolated, that prompt action contained the spread of the virus and that the virus has been eliminated from Infor’s email systems. We apologize for any inconvenience that the incident may have caused.