Attackers claimed to steal two terabytes of files including financial reports, security files, and employees' personal data.
Business travel management firm CWT reportedly paid $4.5 million in Bitcoin to attackers who launched a ransomware campaign against the company, Reuters reports.
The campaign reportedly leveraged Ragnar Locker ransomware. In a ransom note on infected devices, the attackers claimed to steal two terabytes of CWT files including financial reports, security documents, and employees' personal data, including email addresses and salary data. It's currently unclear whether information belonging to CWT customers was also affected.
Attackers first demanded $10 million to restore these files and delete stolen information, the report states, citing messages between the attackers and CWT. A company representative agreed to pay $4.5 million, or 414 bitcoin, which was received by the attackers on July 28.
Negotiations also indicated the attackers took 30,000 computers offline; however, a person familiar with the case says the number of affected devices was "considerably less" than that.
Read more details here.
Register now for this year's fully virtual Black Hat USA, scheduled to take place August 1–6, and get more information about the event on the Black Hat website. Click for details on conference information and to register.
About the Author(s)
You May Also Like
Unleash the Power of Gen AI for Application Development, Securely
March 19, 2024The Anatomy of a Ransomware Attack, Revealed
March 20, 2024How To Optimize and Accelerate Cybersecurity Initiatives for Your Business
March 26, 2024Building a Modern Endpoint Strategy for 2024 and Beyond
March 27, 2024Building a Modern Endpoint Strategy for 2024 and Beyond
March 27, 2024