Beverage Giant Campari Went Offline Following Ransomware Attack

Italian beverage giant Campari turns out to be the latest victim of a cybersecurity incident. Campari has itself confirmed to have suffered a malware attack, though reports hint at the Campari incident being a ransomware attack.

Campari Suffered Ransomware Attack

The Italian beverage firm Campari Group has disclosed a malware attack affecting its systems. The company shared news of the incident via a press release.

As revealed, the firm suffered the malware attack on November 1, 2020, following which, it pulled its systems offline. As stated in the press release [translated],

Campari Group informs that, presumably on 1 November 2020, it was the subject of a malware attack (computer virus), which was promptly identified…
The company has implemented a temporary suspension of IT services, as some systems have been isolated in order to allow their sanitation and progressive restart in safe conditions for a timely restoration of ordinary operations.

Though, the firm, at present, has not shared any more details about the incident. All they have confirmed is the continuation of investigations.

However, according to a malware researcher with the alias Pancak3 on Twitter, Campari has suffered Ragnar Locker ransomware attack.

According to ZDNet, the ransomware gang has stolen data from the company systems following the infection. The attackers also shared screenshots to back their claims on their dark web leak site.

Currently, the attackers have demanded $15 million as ransom.

Ragnar Locker is among those ransomware gangs that leak stolen data if the victim party fails to pay the ransom. They have also threatened to do the same via their ransom note as well.

Around the same time, Ragnar Locker also targeted the Japanese game developer Capcom stealing 1TB of their data.

For Campari, the exact volume of stolen data remains unclear. However, they did steal some sensitive information from the company’s network as per the screenshots.

Campari Group hasn’t yet commented on the claims of ransomware attack.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients