Any updates?
40 replies (most recent on top)
If HoneyHell paid the ransomware, I wonder where the beancounters will hide it. Can't wait for the end of the quarter to see that! The auditors should be all over it, but they don't have a clue. Maybe Biden's SEC can look into it.
Hello. I am a Honeywell employee and shareholder and am interested in learning more. This site is anonymous. I do know that many servers are still down and that many software systems are not functional. In addition the employee computers are currently locked down so tightly that many critical, inhouse software applications are not functional for reasons independent of the server situation. Contrary to the company’s press release, the financial impact will be significant.
Hello. I'm a journalist following the Honeywell situation and interested in learning more. Please feel free to contact me securely and anonymously on Signal at 202-763-3303 or sean.lyngaas@protonmail.com.
Great press release. "Disrupted a limited number." Right. That's why we were told to shut down everything immediately. Honeywell can't even "lie well." Hard to believe Wall Street doesn't look deeper into the companies they cover. Kind of scary.
Press Release from Honeywell site dated 3/23
Update on Honeywell IT System
March 23, 2021
We recently detected a malware intrusion that disrupted a limited number of our information technology systems. At this time, we do not expect this incident will have a material impact on Honeywell. We promptly took steps to address the incident, including partnering with Microsoft to assess and remediate the situation. Our systems have since been secured, we identified the point of entry, and all unauthorized access has been revoked. We have also notified law enforcement. Our investigation is ongoing, but at this point, we have not yet identified any evidence that the attacker exfiltrated data from our primary systems that store customer information. If we discover that any customer information was exfiltrated, we will contact those customers directly.
We have returned to service and are firmly focused on running our operations and serving our customers. Security is a top priority at Honeywell, and we are committed to taking all appropriate measures to ensure the highest integrity of our systems.
Many systems are still down, now having trouble connecting to network with authentication.
@4dtx+19XfSGfW Like when GE looked at our books, and quietly paid EU to spooge the deal.
So a crypto event happens long after the data has been stolen.
No news just means the hackers found nothing of value worth ransom.
We were hacked big time. Guess HoneyHell isn't going to tell the customers or Wall Street.
I am laughing my soon to be it rif'ed a#s off.
Maybe it was an angry layed off employee, maybe one of those cheap cr*p indian service desk people moneyhell is so fond of.......
Let's hope it has cost a fortune and Q1 is compleyely F'ed up.........
We got hacked big time and probably the worse the company has ever seen. IT guys are up in arms with so many of their heads chopped and couldn’t forsee the lack of security safeguarding our servers. This is what happens when IT service are outsourced when the bigwigs assumed that our systems were impenetrable. How wrong they were. IT guys are now cleaning out the servers and reloading backups on each server running on Windows platforms. Little do they know that hackers do not give up that easily and it will only be too soon when we see some of honeywell’s data is out in the open for everyone to see when their ransom demands are not met.
I can see several heads about to roll after this fiasco. Oh wait, we might have actually rif’d them in the last exercise.
Aero Team Center not working yet. So no go in production. The "hockey stick" will just be bigger this week. No biggie.
Do what it takes. Like sending out repairs without 8130's? Yeah, that'll work.
Aero Deer Valley here. Any ideas what really happened? I see ransomware and virus being mentioned. But, management typically hides the truth, so any relevant information is appreciated.
It looks like things are mostly working. Some people have the network drives, some don't. Several applications aren't working.
Some of the applications not working are those needed to move product to the next operation. Management is sending out emails to "do what it takes".
back to work slaves, its the end of the most important quarter in Honeywell existence
"Security is a top priority at Honeywell" unless it costs too much, and then well if it impacts the Upper Management's MIPS, or if the passwords are left open because of employee turnover..... Just Sayin!
Just sent out.
Update on Status of Honeywell Network
UPDATE ON STATUS OF HONEYWELL NETWORK
SHEILA JORDAN | CHIEF DIGITAL TECHNOLOGY OFFICER
I am writing to provide an update regarding the recent issues experienced with our IT network. Our network has been stabilized, and you may now access both Honeywell’s network and the virtual private network (VPN). While most of our applications have not been affected, we shut down several hundred of them out of an abundance of precaution. We are working diligently to bring everything back online. If you have issues accessing any application you need to do your job, we encourage you to check back later in the week, but in the meantime, you’re welcome to report the issue by opening a ticket on IT Direct.
Security is a top priority at Honeywell and we are committed to taking all appropriate measures to ensure the highest integrity of our systems. You play an important role in the security of our systems. If you notice any suspicious activity on the network or have any security-related concerns, please report them immediately.
We also want to take this opportunity to be on constant alert for phishing attacks. Phishing refers to when bad actors attempt to trick employees into opening malicious attachments, web pages, or programs. Be suspicious of any external emails that don’t look right, even if they appear to come from people you know. Report any suspected phishing by using the “Report Message” function on Outlook, under the “Protection” menu.
Thank you for your ongoing cooperation.
Sheila
people are being told not to power on servers or any infrastructure, payroll, TC, printers, active directory are down..
This is massive, probably the same stuff that got Acer..
no public details available yet.
Get back to work, I want to see elbows and arseholes. Go to the CFO office and get the paper tape backup from the draw and hire that consultant from India to reload it.
these are not the droids you're looking for....
People close to the problem have been told that it cannot be discussed as it will impact Honeywell and encourage the hoodlums. SOP.
You don’t need to know and will not get the real story.
Meanwhile use today to get the oil on your car changed. Everybody will be heading back to the office sooner rather than later after this debacle. Will take a few months but this is going to drive a new wave of attention as management has no choice but to appear active.
For those complaining about that guy's post, why are you even on here checking for actual status. 🤣 Check the main internal page that's accessible without vpn. It shows status there.
@1crx, using your line of reasoning, what does it say about you that you are here on a weekend, ragging on HON employees?
Root cause: No Management Foresight.
12:30 PM and no new data. Does any one on this thread have insight to what the root cause is ?
@1crx: Do you really not comprehend that many of the Honeywell factories operate 24/7?
Took two weeks to get from down to limping in Florida a month ago with no explanation as to what was wrong. Now it is the entire global enterprise... 1 site vs 100’s of sites. Sensing a trend.
On the bright side the Honeywell spin machine is doing their normal OUTSTANDING work managing reputations. Not a peep in the news even though other manufacturers are reporting attacks concurrently.
I heard it was the FBI seizure of all hard drives to prove Cote and Darius cooked the books. ;) Or maybe it really was the FBI??
No VPN access as of 6am Sunday. No further email communication from IT since the end of last week. Not good.
Another few paid day off!!!
Yea that cio from Symantec and all her friends she brought over and gave jobs.
@1crx+19XfSGfW. Hey funny guy gal or whatever you call yourself. Some of us are shift workers and trying see what's going on. So with you chiming in like that is probably the I type person or nose up.arses.
Who cares. It's Saturday and you guys should get a life. You like Honeywell so much that you need to talk about it on Weekends? Computer working or not is a Monday problem. Save some material for weekdays.
Sounds like there is a backstory here...fill us in?
But but but didn't we hire some security genius a year ago to lead IT who was going to save us from this and who sends out a windbag letter every week celebrating non-accomplishments?
How could this happen to a cutting edge software company like Honeywell? A company that is developing a state of the art Quantum computer. Could it be that they laid off everyone that knew how to support their network and hired people that know nothing in North Carolina and low cost countries?
Was told expect to be down on Monday!
Fortunately Honeywell’s circa 1980 factories will not be stopped by this.. and there is little of value in any server data. Good luck getting ransom.
Maybe the VP of IT and Cyber Security will pay up just so he can keep his job.
Nothing in IL still just using the HMIs to run and watch over the pilot plants.