A ransomware attack has disrupted operations at some Eurofins Scientific locations, including Eurofins Lancaster Laboratories, according to employees.
Local employees say some workers here were sent home last week from the New Holland Pike testing complex because their equipment had been infected.
A Eurofins Lancaster Labs spokeswoman declined on Monday to answer LNP’s questions about the situation, instead referring LNP to Eurofins Scientific headquarters in Brussels. Corporate spokesmen did not respond to LNP’s inquiries Monday or Tuesday.
Eurofins Scientific announced June 3 that a ransomware attack over the weekend of June 1-2 had “caused disruption” to some of its information technology systems.
The two-paragraph statement did not identify which locations had been affected by the “new variant of malware.” Nor did it specify what ransom was being sought.
Eurofins Scientific did say that it saw “no evidence of unauthorized transfer or misuse of data.”
A second statement on the incident, issued Monday, shed a little more light on the scope of the situation, saying the malware had “caused disruption to many of its IT systems in several countries” but still did not identify them.
“Many of the affected sites were only partially impacted and their restart to full productivity can happen progressively over time,” said Eurofins Scientific.
The timetable for that recovery remains to be determined, the company indicated.
“It is also too early to evaluate what proportion of the lost work days in the affected companies can be (made up) over the next few days and weeks, including through additional shifts and weekend work,” Eurofins Scientific said.
Eurofins Scientific also added more detail about the malware.
The new variant, the company said, “was initially non-detectable by the anti-malware screen of our leading global IT security services provider at the time of the attack and required an updated version made available only hours into the attack.”
Eurofins Scientific said the attack was carried out by “highly sophisticated well-resourced perpetrators.”
The financial impact of the attack has yet to be calculated, said Eurofins Scientific, but the company did say “the impact ... may unfortunately be material,” meaning significant.
Eurofins Scientific bought Lancaster Labs in 2011 for about $200 million. The local company, with more than 1,200 employees here, does pharmaceutical and environmental testing.
Spokesmen for East Lampeter police and the Lancaster County District Attorney’s Office said their organizations were not involved in the investigation of the malware attack.