Telecom giant Lumen says it discovered two separate cyber intrusions

Multibillion-dollar telecommunications firm Lumen Technologies told regulators Monday that it had discovered two cybersecurity incidents, including a ransomware attack that has been degrading services for some enterprise customers.

In a filing to the Securities and Exchange Commission, Lumen — which was formerly known as CenturyLink — said that it caught the ransomware attack last week when a “malicious intruder” inserted malware “into a limited number of the Company’s servers that support a segmented hosting service.”

The company did not immediately respond to questions about the type of ransomware involved, the scope of the attack, or whether they have attributed it to a specific group. The company said that the incident “is currently degrading the operations of a small number of the Company’s enterprise customers.”

Additionally, the company said that it discovered a separate incident involving an intruder accessing and installing malware on “internal information technology systems,” allowing the cybercriminal to steal “a relatively limited amount of data.”

Lumen did not say what type of data was involved but explained it did not believe the incidents have had or will have a material impact on the company. It also did not say when the attack was believed to have occurred. The company discovered the intrusion after implementing enhanced security software.

The Monroe, Louisiana-based company said that it notified law enforcement and impacted customers of the incidents, and is working with outside forensic firms to investigate and contain the attacks.

Lumen, which has a market capitalization of about $2.5 billion, provides products and services related to networking, cloud, security and voice to enterprise customers in more than 60 countries. The company’s stock was up 5% as of mid-day Monday.