Hackers attacked the company Stadler. A well-known Swiss train manufacturer reported about a cyberattack, during which attackers could steal data of the company and its employees.
Stadler manufactures a wide range of railway vehicles from high-speed trains to tramways and trams, and it is the world’s leading service provider in the rack-and-pinion rail vehicle industry.
Stadler employs about 11 thousand people working at 12 production facilities and in 40 services around the world.
“Unknowns managed to infiltrate the corporate IT network, infect some computers with malware, and meanwhile steal data from compromised devices”, – reports the company.
The amount of stolen data has not yet been established.
Attackers contacted the company and demanded a ransom, threatening to publish the stolen information in case of refuse to pay.The unknown perpetrators are attempting to blackmail Stadler, demanding large sums of money, and to put pressure on Stadler with the possible publication of data in order threaten the company.
After discovery of the hack, Stadler took all necessary measures to contain the attack and turned to information security specialists for help in investigating the incident. A corresponding complaint was also sent to the prosecutor’s office.
Although the company’s notification does not specify whether the attack was carried out using ransomware, everything is in favor of this theory. Firstly, the attackers demanded a ransom and threatened to publish confidential data, and secondly, Stadler had to restore data from backups, obviously encrypted or deleted by the ransomware.
The company does not specify the number of affected production facilities, however, according to Swiss media, the incident affected all production, both in Switzerland and abroad.
“Despite the corona pandemic and cyberattacks, the continuation of the production of new trains and Stadler’s services is guaranteed”, — emphasizes the train manufacture.
Stadler also stated that it has backups for the affected data and that it is working on restarting and, potentially, restoring the impacted systems.
As I recently reported, hackers with Snake ransomware attacked Fresenius, Europe’s largest private hospital operator.