Based in Foster City, California, Qualys sells cloud-based IT, security and compliance products and has about 19,000 customers across 130 countries. In a statement released Wednesday evening, the company says it uses FTA solely "to transfer files as part of our customer support system." While customer data was stolen, Qualys says that attackers did not breach its "production environments, codebase or customer data hosted on the Qualys Cloud Platform," and that all of its services remain operational and are functioning normally. Qualys issued its statement after the Clop - aka Cl0p - ransomware gang on Wednesday began listing Qualys as a victim on its leaks site and posted six screenshots containing stolen data. The image files are named "Screenshot_70.png" through "Screenshot_75.png." The site also contains a listing for "files part 1" - apparently the first batch of stolen files - which is spread across three separate zip file archives available for download.