Data center giant Equinix has been hit by a ransomware attack.

But, with the company's internal systems kept separate from customers' equipment in data centers, Equinix said that all its facilities and service offerings remain fully operational.

Stay safe out there

Equinix reception
– Equinix

"Equinix is currently investigating a security incident we detected that involves ransomware on some of our internal systems," the company said in a statement.

"Our teams took immediate and decisive action to address the incident, notified law enforcement and are continuing to investigate. Our data centers and our service offerings, including managed services, remain fully operational, and the incident has not affected our ability to support our customers.

"Note that as most customers operate their own equipment within Equinix data centers, this incident has had no impact on their operations or the data on their equipment at Equinix. The security of the data in our systems is always a top priority and we intend to take all necessary actions, as appropriate, based on the results of our investigation."

The company promised to provide updates as it learned more.

Ransomware attacks are on the rise, and are increasingly looking beyond individual users and computer systems to attack larger targets - including data centers. Late last year a ransomware attack on a CyrusOne data center ended up impacting six managed services customers, while this year Garmin suffered a major outage due to an 'Evil Corp' attack which had demanded $10m. Only a week later, Canon’s systems were ravaged by a ransomware attack, causing extended service interruptions.

The severity and scale of the attack on Equinix is not known, but we will update this story as we find out more.


While Equinix has yet to provide any further details, Bleeping Computer reports sources that claim it was a Netwalker ransomware attack, with the criminals demanding $4.5 million in bitcoin. If the shakedown fee is not paid by an unknown time limit, it will double to $9m.

Screenshots seen by the publication show that folders containing financial information, payroll, accounting, audits, and data center reports were hit. It appears to be focused on Equinix's Australian operations, but that is not certain.

Update September 16, 2020 at 4:15 AM PDT:

Equinix said: "Our containment and mitigation efforts have progressed well since the detection of the incident and we have reached a milestone that we believe will prevent the release of any data associated with this incident. Our data centers and services to customers have not been impacted by the incident and our internal systems are rapidly approaching full restoration."

Update: September 17, 2020 at 7:50 PM PDT

"Our mitigation efforts have yielded full containment of the recent security incident," Equinix claimed.