Sodinokibi (REvil) ransomware operators have been busy over the past month, and have now claimed US fine spirits manufacturer Brown-Forman as their latest victim.
The Kentucky-based company, one of the largest US businesses in the spirits and wine business, is known for popular brands such as Jack Daniel’s, Old Forester, Woodford Reserve, GlenDronach, BenRiach, Glenglassaugh and Finlandia, among others.
According to an announcement posted on their leak website last Friday, REvil managed to steal 1TB of data, including information on company employees, agreements, internal correspondence and financial statements.
Screenshots of stolen data such as backup entries, dated June and July 2020, suggest the ransomware gang had free rein to assess the company’s network and data for over a month.
However, REvil somehow failed to encrypt the company’s devices. The reason remains unknown, but a brief company statement reveals that Brown-Forman was able to take preventive actions.
“Brown-Forman was the victim of a cybersecurity attack,” a spokesperson told BleepingComputer. “Our quick actions upon discovering the attack prevented our systems from being encrypted.”
The company official also noted that there are no active negotiations with the ransomware outfit, information backed up by a REvil post.
“We still believe in the prudence of BROWN-FORMAN and are waiting for them to continue their discussion of a way out of this situation,” the ransomware operators said.
Although encryption of company devices and data was halted, the company is not out of the woods yet.
“Unfortunately, we believe some information, including employee data, was impacted,” the company added. “We are working closely with law enforcement, as well as world-class third-party data security experts, to mitigate and resolve this situation as soon as possible.”
The company offered no additional details, but it seems fair to say Brown-Forman shows no sign of compromising with the cybercriminals.