Software AG Data Released After Clop Ransomware Strike

Software AG Data Released After Clop Ransomware Strike

The Clop group attacked Software AG, a German conglomerate with operations in more than 70 countries, threatening to dump stolen data if the whopping $23 million ransom isn’t paid.

Clop and the group’s signature malware has struck again — this time hitting a giant target in the form of German software conglomerate Software AG. The company isn’t paying a mammoth $23 million ransom (so far), and over the weekend it confirmed that the crooks were releasing company data, according to reports.

The Clop ransomware cybercriminals were able to infiltrate the company’s systems in early October. The company released a statement on October 5 publicly announcing the attack, adding, “While services to its customers, including its cloud-based services, remain unaffected, as a result, Software AG has shut down the internal systems in a controlled manner in accordance with the company’s internal security regulations,” the statement read.

But that assessment turned out to be prematurely rosy. Just days later, the company had to admit that Clop was, in fact, able to access and download customer data. And on Saturday, it admitted that the data was being released, according to Bloomberg.

“Today, Software AG has obtained first evidence that data was downloaded from Software AG’s servers and employee notebooks,” the company said in its follow-up statement. “There are still no indications for services to the customers, including the cloud-based services, being disrupted.”

The company has shut down internal systems as a security precaution – as of the time of this writing, the effects of the cyberattack are dragging on.

“Ransomware gangs are becoming bolder and more sophisticated, going after larger and more lucrative targets with their criminal attacks,” said Saryu Nayyar, CEO at Gurucul, via email. “This recent attack against Germany’s Software AG is one of the largest ransomware attacks, but it will certainly not be the last. Even with a complete security stack and a mature security operations team, organizations can still be vulnerable. The best we can do is keep our defenses up to date, including behavioral analytics tools that can identify new attack vectors, and educate our users to reduce the attack surface.”

She added, “With little risk of punishment and potentially multi-million dollar payoffs, these attacks will continue until the equation changes.”

hacks iot malware web security $23 million clop cybercriminal data breach data security double extortion germany malware malware analysis ransom ransomware software ag

Bootstrap 5 Complete Course with Examples

Bootstrap 5 Tutorial - Bootstrap 5 Crash Course for Beginners

Nest.JS Tutorial for Beginners

Hello Vue 3: A First Look at Vue 3 and the Composition API

Building a simple Applications with Vue 3

Deno Crash Course: Explore Deno and Create a full REST API with Deno

How to Build a Real-time Chat App with Deno and WebSockets

Convert HTML to Markdown Online

HTML entity encoder decoder Online

Best Custom Web & Mobile App Development Company

Top Web & Mobile Application Development Company in India & USA. We specialize in Golang, Ruby on Rails, Symfony, Laravel PHP, Python, Angular, Mobile Apps, Blockchain, & Chatbots

Software Security Primer

As a developer, when you think of security, what comes to mind? Is it clear what are different aspects that need to be handled to make a software secure? And why you need to do that?

Unsecured Microsoft Bing Server Leaked Search Queries, Location Data

Data exposed included search terms, location coordinates, and device information – but no personal data.

Home Chef Serves Up Data Breach for 8 Million Records

The meal-kit company's customer records were leaked as part of the Shiny Hunters breach.Mail-order meal kits have become even more popular as the coronavirus pandemic has kept people home.

Dickey's BBQ Breach: Meaty 3M Payment Card Upload Drops on Joker's Stash

After cybercriminals smoked out 3 million compromised payment cards on the Joker’s Stash marketplace, researchers linked the data to a breach at the popular barbecue franchise.