The COVID was not enough – 19 to threaten and bring to their knees spritz and aperitifs , now we also have ransomware: Campari Group was the victim of an attack that caused a block to much of its computer network.

The attack occurred on Sunday 1 November, and was attributed to the gang RagnarLocker , at least according to what was found in the ransom investigation that a security researcher, Pancak3, would have identified and shared online. The ransom note is currently set at 15 million dollars .

15 million dollar ransom: Campari Group hit by ransomware attack

RagnarLocker is now trying to extort a sum of money from the company in exchange for the encryption key to unlock the files affected by the attack. But, as is often the case in these situations, the gang of criminals threatens to disclose confidential files stolen during the attack if Campari decides not to comply with the requests within a week of the intrusion into the computer systems.

Campari did not respond to the criminals, choosing instead to restore its systems as communicated in a press release released in recent days and explaining that it is at work to carry out a “progressive reboot “in safe conditions.

According to the statements of Campari Group, the company would also promptly detect the intrusion as soon as it occurred, thus having the possibility of isolating the affected systems preventing the spread of the infrastructure to other areas . The company claims the incident will not have a significant impact on financial results. The Group’s website was offline for a few days, and only came back online in the last few hours.

Some screenshots of Campari’s internal network and some company documents have already been published on the dark web, on a website managed by RagnarLocker and in which elements are displayed intrusion proof. In the released material there is also a copy of an advertising contract between the company and the actor Matthew McConaughey for the sponsorship of bourbon Wild Turkey , whose brand is owned by Campari Group.

Also Capcom victim of RagnarLocker

But Campari Group was not the only recent illustrious victim of the RagnarLocker group: even the Japanese developer Capcom – which readers will remember for franchises such as Street Fighter, Mega Man, Resident Evil, Devil May Cry – was hit by a ransomware attack.

In this case 1TB of data stored on the Capcom network in Japan, Canada and the USA was stolen including contracts, dismissal documents, bank statements, customer agreements, agreements of non-disclosure and anything that may constitute sensitive and confidential material for a company of the size of the Japanese developer. The ransom note for Capcom is currently unclear, but we can imagine it could be on the same order of magnitude as what is required of Campari.

The company reported that the attack did not compromise user data and that it is currently working with the authorities to investigate the case, as well as being working to restore systems.