Cyberattack: REvil ransomware group hits Jack Daniel's-maker and the Ritz London
The maker behind Jack Daniels bourbon whiskey and the Ritz London have become the latest victims of cyberattacks.
The REvil ransomware group hit the US wine and spirits giant Brown-Forman, maker of Jack Daniel's.
Although Brown-Forman claims to have prevented attackers from encrypting their files, hackers said they have access to "1TB corporate data which they have threatened to leak on the Dark Web", reports threatpost.com.
According to Jonathan Knudsen, Senior Security Consultant at Synopsys Software Integrity Group, as Brown-Forman reported that they've successfully prevented attackers from encrypting files, while few details have been released yet, "it would appear that they have been working to implement a proactive security strategy".
"Times like these illustrate how valuable that proactivity can truly be," Knudsen said in a statement on Wednesday.
Jack Daniels or JD is the best-selling premium distilled spirit brand worldwide including in India.
Situated in the Lynchburg town, 110 kms southeast of the music city of Nashville, the JD Distillery was established in the 1830s and registered by its owner Jack in 1866, making it the oldest registered distillery in the US.
Every year, about 3 lakh people tour the JD distillery.
Meanwhile, the Ritz Hotel in London has launched an investigation into a data breach.
In a series of messages posted to Twitter, the luxury hotel chain said the company was made aware of a "potential data breach within our food and beverage reservation system."
"This may have led to the compromise of some of our clients' personal data".
According to Knudsen, ransomware is effective and devastating because it allows hackers to sell information back to the people who value it most — the victims.
"Businesses can reduce the risk of a catastrophic breach by taking a proactive, security-first stance and following industry best practices in designing and implementing their technology solutions," he said.
REVil, also known as Sodin or Sodinokibi, isn't just operating on the old-school ransomware model of "scramble your files and offer to sell you back the decryption key".
The hacking group in May got access to secret data belonging to one of the premier media and entertainment law firms in the US representing top-notch celebrities.
REvil initially demanded $21 million ransom from the law firm, Grubman Shire Meiselas & Sacks, after stealing 756 gigabyte of confidential data that include contracts, nondisclosure agreements, phone numbers and email addresses, and "personal correspondence" of some of the top Hollywood and music stars.
The list had names like Priyanka Chopra, Lady Gaga, Madonna, Nicki Minaj, Bruce Springsteen, Christina Aguilera, Mariah Carey, Jessica Simpson, Naomi Campbell, Robert De Niro, Sofia Vergara, Spike Lee, the Osbournes (Ozzy, Sharon and Kelly) and several more.
*Edited from an IANS report