Thousands of computer servers around the world have been targeted by a ransomware hacking attack targeting VMware (VMW.N) ESXi servers, Italy’s National Cybersecurity Agency (ACN) said on Sunday, warning organisations to take action to protect their systems.
The hacking attack sought to exploit a software vulnerability, ACN director general Roberto Baldoni told Reuters, adding it was on a massive scale.
A spokesperson for VMware said the company is aware of the incidents and it had issued patches for the two-year-old vulnerability that is being exploited in February 2021, urging its customers to apply the patch if they have not done so.
Italy’s ANSA news agency, citing the ACN, reported that servers had been compromised in other European countries such as France and Finland as well as the United States and Canada.
Dozens of Italian organisations were likely to have been affected and many more had been warned to take action to avoid being locked out of their systems.
U.S. cybersecurity officials said they were assessing the impact of the reported incidents.
“CISA is working with our public and private sector partners to assess the impacts of these reported incidents and providing assistance where needed,” the U.S. Cybersecurity and Infrastructure Security Agency said.