The famous Italian beverage vendor, Campari Group has been hit by a ransomware attack, and it took down a large part of its IT network.
Big beverage brands like Campari, Cinzano, and Appleton are part of the Campark Group of companies.
The attack took place on Sunday, November 1. Upon analyzing the ransom note received, the attack seems to have been carried out by the RansomLocker ransomware gang.
As proof of the intrusion, the RagnarLocker gang has posted screenshots of Campari’s internal network and corporate documents on a dark web portal, where RagnarLocker runs a ‘leak site.’ Among various other documents, it also contains a copy of the contract signed by Campari with US actor Matthew McConaughey for the Wild Turkey bourbon brand.
The ransomware gang has demanded a hefty ransom amounting to $15 million. Campari does not want to deal with them and has not replied to their messages. The Italian company is currently working on a “progressive restart in safety conditions”, and has chosen to restore its encrypted systems.
Campari is not ready to pay the ransom demand.
Campari claims that they detected the intrusion as soon as it occurred. Immediate steps were taken to isolate impacted systems to prevent further spread of the malware. There has not been any significant impact on the financial functioning of the company.
However, Campari websites, email servers, and phone lines are still down, 5 days after the attack. Owing to the company’s current state of affairs, it was difficult to talk to a Campari representative.
This year, Campari seems to be the second major beverage vendor after Arizona Beverages which had to suffer from a serious cyber attack, which knocked off the online services of the companies.