Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
Italian beverage vendor Campari knocked offline after ransomware attack
#1
https://www.zdnet.com/article/italian-be...re-attack/        Italian beverage vendor Campari knocked offline after ransomware attack
Campari has refused to engage with the ransomware gang and is restoring systems.      By Catalin Cimpanu for Zero Day | November 5, 2020 -- 17:20 GMT (09:20 PST) | Topic: Security    Campari Group, the famed Italian beverage vendor behind brands like Campari, Cinzano, and Appleton, has been hit by a ransomware attack and has taken down a large part of its IT network.

The attack took place last Sunday, on November 1, and has been linked to the RagnarLocker ransomware gang, according to a copy of the ransom note shared with ZDNet by a malware researcher who goes online by the name of Pancak3.      The RagnarLocker gang is now trying to extort the company into paying a ransom demand to decrypt its files.

But the ransomware group is also threatening to release files it stole from Campari's network if the company doesn't pay its ransom demand in a week after the initial intrusion.

Screenshots of Campari's internal network and corporate documents have been posted on a dark web portal where the RagnarLocker gang runs a "leak site", as proof of the intrusion. Included in these proofs is even a copy of the contract signed by Campari with US actor Matthew McConaughey for the Wild Turkey bourbon brand.    In a text chat window available to RagnarLocker victims, a Campari representative has not replied to the ransomware gang. The ransom demand is currently set for $15 million.

Instead, the Italian company appears to have chosen to restore its encrypted systems rather than pay the ransom demand, according to a short press release published on Tuesday, where Campari said it's working on a "progressive restart in safety conditions."

In the same press release, Campari also said it detected the intrusion as soon as it took place and immediately moved in to isolate impacted systems, and that the incident is not expected to have any significant impact on its financial results.

However, at the time of writing, Campari websites, email servers, and phone lines are still down, five days after the attack.

A Campari representative also couldn't be reached because of the company's current state of affairs.

Campari is the second major beverage vendor after Arizona Beverages that's knocked online because of a ransomware attack in the past two years.
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Nissan reveals ransomware attack exposed 53,000 workers' social security numbers mrtrout 0 425 05-20-2024 , 02:22 AM
Last Post: mrtrout
  Norton Parent Says Employee Data Stolen in MOVEit Ransomware Attack mrtrout 0 7,939 06-20-2023 , 09:05 PM
Last Post: mrtrout
  Maastricht University gets partial ransom back after ransomware attack in 2019 mrtrout 0 744 07-03-2022 , 09:56 PM
Last Post: mrtrout
  Nordic Choice Hotels Turns Ransomware Attack into Success Story mrtrout 0 868 01-18-2022 , 11:18 PM
Last Post: mrtrout
  Sinclair TV stations disrupted across the US after ransomware attack mrtrout 0 814 10-18-2021 , 10:01 PM
Last Post: mrtrout



Users browsing this thread: 1 Guest(s)