Sodinokibi ransomware gang has just hit the famous American winemaker, Brown-Forman. The Sodinokibi group claims to have stolen about 1TB of data, that has sensitive data belonging to both the company and its employees. While the Brown-Forman seems uninterested in negotiations, Sodinokibi has already made a page to leak the stolen data.
Brown-Forman Hit by Ransomware Attack
The US spirits and winemaker, Brown-Forman has notable brands under its name like Jack Daniel’s, Lopez tequila, Collingwood, Herradura, Glenglassaugh, and Glendronach, El Jimador, Finlandia vodka, Woodford and Old Forester. The company was hit by Sodinokibi (also known as REvil) group as per BleepingComputer.
While the ransomware group is advertising the attack, a Brown-Forman spokesperson too has confirmed the attack. He said that some information including the employee data was impacted. Also, they’re working with law enforcement and employed world-class data security experts to resolve the issue as soon as possible. On the other hand, Sodinokibi group claims to have stolen over 1TB worth of data.
Though the exact details of how the attack has happened weren’t described, Sodinokibi’s screenshots on the leak portal show files with names and directories dating back to 2009. There are conversations between employees, company contracts, agreements, financial statements and other internal correspondence were impacted in the leak.
The ransomware group has managed to roam within the Brown-Forman system network for over a month, checking all the cloud data storage, user services and general structure. Brown-Forman admins are quick to respond to the suspicious behaviour they detected, as they quickly terminated the ransomware’s operations. This limited Sodinokibi to just steal the files, where they should be encrypting the network as the next step.
Sodinokibi operates similar to other ransomware groups, where they exploit bugs, steal data, encrypt files and leave a ransom note to be contacted. As of now, Brown-Forman seems not to be proceeding with Sodinokibi’s demands, but the ransomware group is already advertising to sell data to the highest bidder in case of non-payment.
Other Trending News:- News