Recent Security Incident: Statement from SHI
Updated 8am ET, July 11th
We are pleased to provide a further update on SHI’s return to business as usual. As of 8am ET this morning, the vast majority of SHI’s internal and external-facing systems are fully operational.
Customers can now log in to their accounts on shi.com (enhanced security protocols are in place) and can resume placing and tracking orders.
Our Integration Centers at Knox and Ridge are fully staffed for warehouse operations, configuration, and deployment. Our team is working hard to get caught up fully on all outstanding tasks.
Customer integrations with SHI for ordering and other functions are now fully operational again.
All sales teams across SHI now have restored access to all systems necessary to help customers get quotes and pricing, place orders, and manage contracts.
The security and integrity of SHI’s systems – and, by extension, the security of our customers – is paramount to SHI and we continue to bring more systems online in a carefully controlled manner.
In that light, from today, we are pleased to offer SHI customers our usual ridiculously helpful levels of service.
Updated 4pm ET, July 8th
As previously communicated, we experienced a cybersecurity incident over the 4th of July weekend. We are working with a forensic service provider and law enforcement to investigate the incident. At this time, we have no evidence that any sensitive customer data was compromised.
We take the protection of our customer and business data very seriously. We continue to work as quickly as possible to restore our systems and business processes. As those systems are restored, precautionary steps are being taken to verify their integrity.
We will continue to provide updates directly to customers and partners as new information becomes available.
Updated 8am ET, July 6th
Over the Fourth of July holiday weekend, SHI was the target of a coordinated and professional malware attack. Thanks to the quick reactions of the security and IT teams at SHI, the incident was swiftly identified and measures were enacted to minimize the impact on SHI’s systems and operations.
These preventative measures included taking some systems, including SHI’s public websites and email, offline while the attack was investigated and the integrity of those systems was assessed.
As of this morning (July 6th), SHI staff now have access to email again and the IT teams at SHI continue to work on bringing other systems back to full availability in a secure and reliable manner.
Customers have full access to their account teams and specialists via both email and phone.
While the investigation into the incident is ongoing – and SHI is liaising with federal bodies including the FBI and CISA – there is no evidence to suggest that customer data was exfiltrated during the attack. No third-party systems in the SHI supply chain were affected.
SHI will keep customers informed as we return to business as usual.