Travel Management Firm CWT Pays $4.5M to Ransomware AttackersTravel Management Firm CWT Pays $4.5M to Ransomware Attackers
Attackers claimed to steal two terabytes of files including financial reports, security files, and employees' personal data.
August 3, 2020
Business travel management firm CWT reportedly paid $4.5 million in Bitcoin to attackers who launched a ransomware campaign against the company, Reuters reports.
The campaign reportedly leveraged Ragnar Locker ransomware. In a ransom note on infected devices, the attackers claimed to steal two terabytes of CWT files including financial reports, security documents, and employees' personal data, including email addresses and salary data. It's currently unclear whether information belonging to CWT customers was also affected.
Attackers first demanded $10 million to restore these files and delete stolen information, the report states, citing messages between the attackers and CWT. A company representative agreed to pay $4.5 million, or 414 bitcoin, which was received by the attackers on July 28.
Negotiations also indicated the attackers took 30,000 computers offline; however, a person familiar with the case says the number of affected devices was "considerably less" than that.
Read more details here.
Register now for this year's fully virtual Black Hat USA, scheduled to take place August 1–6, and get more information about the event on the Black Hat website. Click for details on conference information and to register.
About the Author(s)
You May Also Like
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
Passwords Are Passe: Next Gen Authentication Addresses Today's Threats
How to Deploy Zero Trust for Remote Workforce Security
What Ransomware Groups Look for in Enterprise Victims
How to Use Threat Intelligence to Mitigate Third-Party Risk
Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks