Some lab results will be delayed, company warns

Ransomware attack on Montrose Environmental Group disrupts lab testing services

Montrose Environmental Group, a US-based provider of environmental services, has revealed it was hit by a ransomware attack last weekend that disrupted its laboratory testing operations.

In a statement issued on Tuesday (June 14) the Arkansas-headquartered company said: “We believe the incident primarily affected computers and servers within our Enthalpy Analytical laboratory network,” adding that it expects “certain lab results within our Enthalpy business will be delayed”.

Enthalpy Analytical, a Montrose subsidiary, operates 11 environmental testing laboratories around the US that test air, soil, water, and other substances for toxicity and pollutants.

‘Highly sophisticated’

Montrose, which has 80 worldwide locations, provides clients in industries such as manufacturing, oil and gas, and government services including leak detection and repair, soil and groundwater remediation, biogas solutions, and environmental advisory services.

The nature of the ransomware attack, “as well as information from law enforcement and independent cybersecurity experts, lead us to believe that this attack has been carried out by highly sophisticated bad actors”, said Montrose.

Upon discovering the network intrusion Montrose suspended affected systems, notified law enforcement, and began remediating the incident with the help of internal and external IT and cybersecurity experts.


Catch up on the latest ransomware news and attacks


At present Montrose does not “believe our backup data and cloud-based enterprise systems, including email, have been affected, and we are actively working to restore impacted systems as soon as possible”.

It also does “not currently anticipate major disruption to our other services and [is] in the process of notifying clients as appropriate of any delays or impacts due to the attack.”

Montrose added: “In the event the investigation identifies any access or other impacts to third-party data or information, we will notify the affected third parties and appropriate regulatory bodies.”

Montrose concluded that it anticipates “limited impact and rapid recovery from the attack”, although “circumstances may change as we learn more about the incident”.

The Daily Swig has asked Montrose if it would like to comment further. We will update this article if and when they choose to do so.


DON’T FORGET TO READ Kaiser Permanente data breach exposed healthcare records of 70,000 patients