The Ragnar Locker ransomware attack targeted Taiwanese memory and storage chip manufacturer ADATA, with the gang releasing download links for almost 700 GB of stolen data.
For a long time, a set of 13 archives supposedly holding sensitive ADATA data were made publicly available at a cloud-based storage facility.
On their leak site, the ransomware actor published download links to the latest release of ADATA company documents, warning that the links would expire soon.
The archive was originally posted by the Ragnar Locker ransomware gang on the MEGA storage-service; however, the platform terminated their account and limited access to the group’s shared archives.
Two of the leaked archives are huge, over 100 GB, but the majority of them are less than 1.1 GB in size and could have been easily downloaded.
The largest archive is close to 300 GB in size, according to the threat actor’s file information, while another large archive is 117 GB in size.
Ragnar Locker most likely took from ADATA papers containing financial information, non-disclosure agreements, and other types of material by looking at the names of the archives.
On May 23rd, 2021, ADATA was hit by ransomware, forcing them to shut down their systems.
ADATA did not pay the ransom and repaired the impacted computers on its own, according to the data breach.
Before deploying the encryption mechanism, the threat actor claims to have taken 1.5 TB of sensitive data.
They stated that they were willing to work with them to repair the vulnerabilities and restore the system while avoiding any public disclosure of the problem.
However, the company placed little importance on its own personal information, as well as that of its partners, clients, workers, and customers.
The latest batch of archives published by Ragnar Locker ransomware for ADATA is the second.
The previous one was published earlier this month and contains four little 7-zip packages (less than 250 MB) that are still accessible for download.