Security News > 2020 > October > Software AG IT giant hit with $23 million ransom by Clop ransomware
The Clop ransomware gang hit the network of German enterprise software giant Software AG last Saturday, asking for a ransom of $23 million after stealing employee information and company documents.
Software AG is a software company headquartered in Darmstadt, Germany, with more than 5,000 employees and operations in over 70 countries around the globe.
"While services to its customers, including its cloud-based services, remain unaffected, as a result, Software AG has shut down the internal systems in a controlled manner in accordance with the company's internal security regulations," the software giant adds.
MalwareHunterTeam told BleepingComputer that they gained access to this information after finding the Clop ransomware executable used in the attack on Software AG. The Tor payment site showing the Software AG ransom demand shows that the ransom asked by Clop for decrypting all encrypted computers on the company's network is $23,000,000.
According to the chat section of Clop ransomware's leak site, the attackers were able to steal information on employees' passports, health bills, and emails, also publishing a screenshot with a folder tree containing additional info potentially stolen from Software AG. The chat on the Software AG payment site shows the Clop actors threatening to publish the entire batch of roughly 1 TB of data they claim to have stolen from Software AG's devices including "Documents, contracts, reports, mail correspondence, contact lists, certificates, etc."