The Netherlands-based accounting software giant Wolter Kluwer was hit by a massive malware attack on May 6. The cyberattack took its systems offline and shut down internal access to several databases. The attack led customers to voice concerns about the security of tax and financial information stored on Wolter Kluwer's servers.

Wolter Kluwer's cloud accounting software is used by major US accounting firms, Fortune 500 companies, and banks. It is still unclear as to what kind of malware or ransomware infected the company's systems. The firm confirmed having been the target of a malware attack, adding that it has seen no evidence yet to suggest that customer data was accessed or stolen by hackers. Wolter Kluwer also added that although it is still investigating the incident, the firm believes that customers have likely not been infected via its applications.

"We have a really close relationship with our customers, and we understand that this situation impacted their day-to-day work," Elizabeth Queen, vice president of risk management for Wolters Kluwer, told CNBC. "We're working around the clock to restore service, and we want to provide them the assurance that we can restore service safely. We've made very good progress so far."

The cyberattack reportedly began at 8AM ET on Monday and took down the firm's communication systems, spreading like wildfire across the firm's networks. The firm said that it took many of its systems offline to contain the attack and analyse it further.

"It really gave us the opportunity to investigate the problem safely," Queen added, CNBC reported. "It takes time to gather information, and we are informing our customers and employees about the situation, updating them as best we can."

Malware McAfee reports a major increase in malware worldwide, especially on attacks that target Android and MacOS. Photo: Christoph Scholz/Flickr

Wolter Kluwer's reluctance in providing more information regarding the attack appears to have sparked frustration among users. In the wake of the attack, a Reddit thread popped up, with several users sharing incidents of communication issues with the accounting giant, as well as possible theories of what may have caused the attack.

It is still unclear as to what caused the attack and the scope of the possible damage caused by the malware. However, Brian Krebs reported that he alerted Wolter Kluwer's CCH security team about a possible security breach a couple of days before the malware attack. Krebs said that he reached out to the accounting giant's security team about publicly accessible databases that contained new versions of Wolter Kluwer's CCH software.

“The same file directories containing new versions of CCH’s software were open and writable by any anonymous user, and that there were suspicious files in those directories indicating some user(s) abused that access,” Krebs reported.