The multinational security firm is now warning its customers about the data leak.
Sweden’s leading security firm Gunnebo AB suffered a ransomware attack, and the hackers have posted the stolen data on the dark web. Reportedly, the company’s servers were compromised in August 2020.
The attack was highly organized in which the Mount Locker ransomware group demanded a ransom in BTC, revealed the company’s CEO Stefan Syrén. However, the company refused to pay the ransom and instead reported the incident to Säpo, Swedish Security Service. The Mount Locker ransomware group then uploaded around 38,000 files to a public server.
Syrén confirmed the incident in an official statement, which read:
“Of course, we have been aware that files that originate from us are available on Darknet, and we naturally regret that this is the case. Unfortunately, this is exactly how computer criminals work.”
“Therefore, I would like to emphasize that it has never been an alternative for Gunnebo to pay a ransom to have the files deleted. The only way to curb this kind of crime is that the affected organizations do not fall short and payout ransoms.”
As per Dagens Nyheter (DN), Sweden’s leading newspaper, huge data reserves comprising sensitive customer data were stolen by the Mount Locker ransomware group and released on the dark web. On the other hand, Hackread.com has seen the data and can confirm that it is now being circulated on different hacking forums through the MEGA download link.
The data includes information about ATMs security functions, drawings of bank vaults, and alarm and monitoring equipment. Furthermore, information from Sweden’s national legislation and supreme decision-maker Riksdag and Swedish Tax Agency’s confidential drawings were also part of the stolen data.
Gunnebo was founded in 1889 and went on to become the leading provider of banking security solutions in Europe, including safe storage, cash management, and entrance control systems.
Brian Krebs from KrebsonSecurity stated that the hack dates back to March 2020, but the stolen data has recently appeared on the dark web.
In August, Gunnebo released a statement that the company thwarted a ransomware attack. However, currently, it isn’t clear whether the data available on the dark web was stolen during the same incident.
Gunnebo claims that data theft is an “extremely regrettable” IT incident.