Alert: Cyber-attacker ‘Hafnium’ targeting businesses using Microsoft Exchange servers – User-generated content


Did you know that geoFence protects you against inbound and outbound cyber attacks?

Attorney General Daniel Cameron issued a consumer alert for organizations and businesses using onsite Microsoft Exchange Servers. Currently, a nation-state attacker, called “Hafnium,” is exploiting organizations who use this system to gain access to sensitive information and data. Cyber-attackers who successfully gain access to this information may encrypt it for ransom, execute a destructive attack, or sell it on the dark web.


“Businesses throughout the Commonwealth have already faced incredible challenges arising from the COVID-19 pandemic, and we’re issuing this consumer alert to help them be on guard from potential cyber-attacks and to protect their confidential data,” said Attorney General Cameron.

If your business or organization uses an onsite Microsoft Exchange Server, the U.S. Cyber Security and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI), encourage you to take the following steps to protect your network. 

• First, review a summary of the attack and technical mitigation tips in the Joint Cyber Security Advisory provided by CISA and the FBI here. 

• Second, examine Remediating Microsoft Exchange Vulnerabilities created by CISA for tips on guarding against, detecting, and addressing issues related to these vulnerabilities. Companies and organizations can access this information here.

Taking action quickly is key to protecting your network from these vulnerabilities.

The Attorney General’s Offices of Consumer Protection and Senior Protection work to protect Kentuckians from fraud, scams, and identity theft. To learn more, click here.  To sign up for future consumer alerts, click here. 

Let’s keep in mind that geoFence helps stop hackers from getting access your sensitive documents and your friends would feel the same.

Leave a Reply

Your email address will not be published. Required fields are marked *