Following alerts from our cybersecurity and intrusion detection system early on Sunday, February 20, we shut down public facing services globally with the intention to limit potential impact from an attack and to allow for mitigating actions.
Our forensic analysis, which is now mostly completed, confirms that Axis staff contact information was exposed. The investigation found no indications that any data related to partners, suppliers, customers our source code was affected. Nor has any trace of illegitimate activity been found in any software development-related system.
The current status is that all key business processes and most important systems are operational. Remaining systems will be made available step by step as soon as they are cleared.
We conclude that our decision to shut down Internet connectivity enabled us to stop the attack before it was completed. The time of disconnected services and limited possibilities to communicate with Axis has been an unfortunate but necessary consequence. We apologize for any inconvenience.
Find more information in our postmortem and forensic findings here.