Symrise, a popular fragrance and flavor maker was hit by the Clop ransomware group, which claims to have stolen about 500GB of confidential data and encrypted about 1,000 devices. Though Symrise didn’t officially reveal the ransomware attack, it described it as a cyberattack and shut down systems, and halted production.
Symrise Hit by a Ransomware Attack
Ransomware groups have almost moved away from targetting individuals unless they’re high-profile. Most of the current ransomware groups are hitting large companies that don’t mind paying ransoms for prestige. Taking this status as an advantage, Clop ransomware has hit Symrise last week.
Symrise is a popular manufacturer of flavors and fragrances hailing from Germany. The company’s outputs are being used in over 30,000 products worldwide, including the ones from Coca Cola, Nestle, and Unilever. With over 10,000 employees globally, it rakes multi-billion revenues every year.
Last week, few German media houses have reported that Symrise was hit by a cyberattack, that eventually led to shutting down some of its systems for stopping the spreading of the attack. Also, the production units have been stopped to assess the incident. While Symrise hasn’t confirmed anything yet, Clop ransomware claimed to be the authors of the attack.
The ransomware group has admitted to BleepingComputer that, they had stolen about 500GB worth of data before encrypting about 1,000 of Symrise’s devices. They also revealed the attacking vector as phishing emails, where they distributed malware to gain access to the entire network.
Supporting their claims, Clop group has posted images of the stolen data on their leak site, and it’s unknown how much ransom they’re demanding as of now. From the posted images, it’s known that confidential data like cosmetic ingredients,
accounting documents, audit reports, emails, and passports were stolen.
