Adata under ransomware attack: 1.5TB of data stolen

Adata under ransomware attack: 1.5TB of data stolen

Adata under ransomware attack

BleepingComputer colleagues recently reported that the Ragnar Locker ransomware group forced Adata to take its systems offline in May. Although the company claims it resumed normal operations, the group said it was able to steal 1.5TB of data before the company detected its attack.

Photo credit - depositphotos .com Second Ragnar Locker reportedly said he was able to "collect and store proprietary business information, confidential files, schematics, financial data, Gitlab and SVN source code, legal documents, employee information, NDA and workbooks" during the attack, but the material has not yet been shared with the public.

The ransomware group has been operational since at least November 2019. Sophos offered some insight into how the ransomware itself worked in May 2020, and the FBI has declared last November that "providers of cloud services, communications, construction, travel and software" were targeted. Among the other illustrious victims of the group, we can include companies such as Campari Group, Capcom and Energias de Portugal (electricity supplier in Portugal).

Photo credit - depositphotos .com There is less talk of ransomware than in a few months ago, but attacks are still common and can affect large companies like Adata or Quanta Computer. Attacks continue to affect common consumers as well, such as the recent Android ransomware disguised as a mobile version of Cyberpunk 2077. Companies have even started selling their self-defending SSDs to consumers to ease concerns about getting caught. targeted from these types of attacks. Adata told BleepingComputer that she is "determined to focus on making the system more secure than ever."

Find the 480GB Corsair Force MP500 at a discounted price on Amazon.

ADATA struck by Ragnar Locker ransomware attack

Leading Taiwan-based memory and storage manufacturer ADATA was forced to take its systems offline after it was targeted by a ransomware attack in late May, the company has admitted.

Ranked amongst the top DRAM and SSD manufacturers, ADATA also manufactures mobile accessories, gaming products, as well as electric power trains, and industrial solutions.

In an email to Bleeping Computer, ADATA confirmed that it was hit by a ransomware attack on May 23, 2021, and responded by taking down all impacted systems and notifying all relevant international authorities of the incident.

The attack is significant also because of its timing, as it comes in the midst of the ongoing chip shortage. With manufacturers struggling to keep pace with the demands, any downtime could further delay the industry's recovery.

Chip vendors have become a lucrative target for ransomware operators, who can use the threat of downtime, which can prove to be a lot more costly in these turbulent times than the ransom, as another bargaining chip. 

Crucially though, ADATA did not name the threat actors behind the ransomware operation, nor did it provide any details about the ransom demands.

However, Bleeping Computer says that the Ragnar Locker ransomware gang has already claimed that it was behind the ADATA attack. In fact, the gang claims to have made away with 1.5TB of sensitive data from ADATA's computers.

Reportedly, the Ragnar Locker has also posted screenshots of the stolen files in order to prove their claims, even as they continue to threaten to leak the rest of the data if the ransom isn’t paid.

ADATA however claims that its business operations are no longer disrupted and that it is busy restoring the affected devices.

But as has become the norm with most such ransomware disclosures, ADATA, in its email to Bleeping Computer, didn’t mention whether it has given in to the demands of the threat actors and paid the ransom to garner control over its network and data.

Via Bleeping Computer