The company for the production of flavors and aromas "Symrise" suffered cyber attack by Clop ransomware, in which hackers They seem to have stolen 500 GB of unencrypted files, while encrypting about 1.000 devices.
Symrise is a major producer of flavors and aromas used in over 30.000 products worldwide, including Nestle, Coca-Cola and Unilever. It is worth noting that Symrise had revenues of about 3,5 billion euros in 2019, and currently employs over 10.000 people.
Last week, German media reported that the flavoring company had been hit by a cyber attack that forced it to shut down systems in an effort to prevent its further spread. Specifically, Symrise told Reuters the following: "In order to be able to assess the consequences and prevent possible further effects, the company shut down all key systems". Symrise also said it had temporarily halted production and closed the plant to further investigate the extent and damage that the attack may have caused.
The gang behind the Clop ransomware claimed responsibility for the attack, telling BleepingComputer that it had encrypted 1.000 devices. The hackers who developed the Clop ransomware also pointed out to BleepingComputer that they had violated the network of Symrise using malware distributed through Phishing e-mail. The hackers added that they just got it access on the network, stole 500 GB of unencrypted files before developing ransomware.
To substantiate its claims, the Clop ransomware gang published pictures of allegedly stolen files on a data leak site. The leaked images relate to passports, accounting documents, audit reports, confidential cosmetic ingredients and e-mail.
Clop ransomware is also behind attacks on Maastricht University, Software AG IT, ExecuPharm, Indiabulls and E-Land, where hackers claimed to have stolen 2 million credits cards.