- Sep 13, 2018
Yesterday, a source told BleepingComputer that Johnson Controls suffered a ransomware attack after initially being breached at its Asia offices.
BleepingComputer has since learned that the company suffered a cyberattack over the weekend that caused the company to shut down portions of its IT systems.
Since then, many of its subsidiaries, including York, Simplex, and Ruskin, have begun to display technical outage messages on website login pages and customer portals.
BleepingComputer has been told that the ransom note links to a negotiation chat where the ransomware gang demands $51 million to provide a decryptor and to delete stolen data.
The threat actors also claim to have stolen over 27 TB of corporate data and encrypted the company's VMWare ESXi virtual machines during the attack.
Is this a new ransomware group or a rebranded one? Here an X source claims not to know who's behind this.