Campari group victims of ransomware attack

Tuesday, Nov 10, 2020

Beverage giant Campari Group has become the latest big-name brand to suffer an apparent ransomware attack forcing IT services offline.

The Italian firm issued a statement on Tuesday claiming it was hit by a malware attack “presumably” on Sunday November 1.

“The groups IT department, with the support of IT security experts, immediately took action to limit the spread of malware in data and systems,” it added.

“Therefore, the company has implemented a temporary suspension of IT services, as some systems have been isolated in order to allow their sanitization and gradual restart in safe conditions for a timely restoration of ordinary operations.”

The drinks group — which includes brands such as Aperol, Wild Turkey, Grand Marnier and Appleton Estate — tried to play down the seriousness of the incident.

“An investigation into the attack was launched, which is still ongoing. It is believed that the temporary suspension of the IT systems cannot have any significant impact on the groups results,” it claimed.

At least one researcher has taken to Twitter to claim that the group is being ransomed by the RagnarLocker variant, the same gang thought to have compromised Japanese gaming giant Capcom in recent days.

There is no mention by Campari of any potential data loss, although RagnarLocker is known to have exfiltrated sensitive information from previous victims.

If it were to pay to keep any private data offline, the firm would be minded to note the warnings of security vendor Coveware this week.

The firm claimed in a recent Q3 2020 roundup report that ransomware groups are increasingly breaking their promises to delete data after a payment has been made. Many publish anyway and/or demand a second ransom payment.

Do you want to know more about IT-Security?




 Camino del Morro, 17
 35640, La Oliva, Spain