Software AG, one of the world’s largest software companies based in Germany has been hit by a ransomware attack. While the company’s services to customers remain available, it reported a data theft where sensitive information regarding its employees and company were stolen. The attacker behind this was known to be the Clop group, who’s now demanding more than 20 million for the decryptor.
Software AG Reports Data Breach
Software AG is a well-known software service provider like business process management systems (BPMS), enterprise service bus (ESB), and other business infrastructure softwares. With over 10,000 enterprise clients in 70 countries, it serves some notable clients include DHL, Fujitsu, Vodafone, Telefonica, and Airbus.
The company has reported a cyberattack on its infrastructure and is facing some internal network issues since then. While none of its services including the cloud-based remain unaffected, it later revealed that some sensitive data was stolen during the attack. The attack happened on October 3rd, and the perpetrators weren’t officially named by the company.
Yet, ZDNet reported the group behind this attack were named as the Clop gang. They have reportedly stolen sensitive data like the financial documents, employee passport – their ID scans and emails and directories from the company’s internal network. The group is now asking more than $20 million in ransom for the decryptor.
MalwareHunterTeam has found a copy of this ransomware’s binary earlier this week, which gave more details into the attack. According to them, the Software AG has refused to pay the ransom, eventually triggering the Clop group to post leak data on their leak site.
May the negotiations have failed, the Clop group has posted screenshots of some of the data they had stolen. They may eventually leak the stolen data if they further refuse to pay. Asking for a ransom of more than $20 million is one of the highest demands that happened in this space, to date.