Chris Keall reports:
Lion confirms a cyber-attack first reported by the Herald on Monday is a ransomware attack – where hackers seize control of data or systems then demand a ransom that often runs to millions.
The brewing giant and bar owner has taken systems offline as a precaution – hitting both manufacturing and customer orders.
Read more on NZ Herald.
Update: The attack was by the Sodinokibi (“REvil”) threat actors. On June 17, the threat actors publicly warned Lion:
Hello, you have 5 days to contact us and pay, otherwise all your financial, personal information your clients and other important confidentinal (sic) documents will be published or put up for auction.
REvil did not dump any files at this point, but did post screencaps of directories of files on Lion’s server.