BR100 Decreased By (-0.69%)
BR30 Decreased By (-0.62%)
KSE100 Decreased By (-0.57%)
KSE30 Decreased By (-0.75%)
BECO 5.59 Decreased By ▼ -0.05 (-0.89%)
BML 60.98 Increased By ▲ 2.26 (3.85%)
BOP 37.35 Increased By ▲ 0.22 (0.59%)
CNERGY 8.47 Decreased By ▼ -0.03 (-0.35%)
DCL 11.75 Decreased By ▼ -0.15 (-1.26%)
FCCL 57.78 Decreased By ▼ -0.85 (-1.45%)
FCSC 5.10 Increased By ▲ 0.05 (0.99%)
FFL 17.90 Decreased By ▼ -0.20 (-1.1%)
FNEL 1.24 No Change ▼ 0.00 (0%)
HUMNL 11.17 Decreased By ▼ -0.08 (-0.71%)
KEL 8.13 Decreased By ▼ -0.04 (-0.49%)
KOSM 6.37 Decreased By ▼ -0.10 (-1.55%)
MLCF 106.98 Decreased By ▼ -2.53 (-2.31%)
NBP 218.50 Increased By ▲ 1.02 (0.47%)
PACE 11.15 No Change ▼ 0.00 (0%)
PAEL 47.20 Increased By ▲ 0.48 (1.03%)
PIAHCLA 30.67 Increased By ▲ 0.07 (0.23%)
PIBTL 18.59 Decreased By ▼ -0.27 (-1.43%)
PPL 247.01 Decreased By ▼ -5.65 (-2.24%)
PRL 37.26 Increased By ▲ 0.81 (2.22%)
PTC 72.00 Decreased By ▼ -1.96 (-2.65%)
SEARL 99.14 Increased By ▲ 0.15 (0.15%)
SSGC 31.94 Decreased By ▼ -0.41 (-1.27%)
TELE 9.22 Increased By ▲ 0.13 (1.43%)
THCCL 74.29 Increased By ▲ 5.16 (7.46%)
TPLP 13.25 Increased By ▲ 0.71 (5.66%)
TREET 25.90 Increased By ▲ 0.11 (0.43%)
TRG 67.32 Increased By ▲ 0.02 (0.03%)
WAVES 11.52 Increased By ▲ 0.15 (1.32%)
WTL 1.27 Increased By ▲ 0.01 (0.79%)
By

LONDON: US travel management firm CWT paid $4.5 million this week to hackers who stole reams of sensitive corporate files and said they had knocked 30,000 computers offline, according to a record of the ransom negotiations seen by Reuters.

The attackers used a strain of ransomware called Ragnar Locker, which encrypts computer files and renders them unusable until the victim pays for access to be restored. The ensuing negotiations between the hackers and a CWT representative remained publicly accessible in an online chat group, providing a rare insight into the fraught relationship between cyber criminals and their corporate victims.

CWT, which posted revenues of $1.5 billion last year and says it represents more than a third of companies on the S&P 500 US stock index, confirmed the attack but declined to comment on the details of what it said was an ongoing investigation.

"We can confirm that after temporarily shutting down our systems as a precautionary measure, our systems are back online and the incident has now ceased," it said in a statement.

"While the investigation is at an early stage, we have no indication that personally identifiable information/customer and traveller information has been compromised."

Comments

Comments are closed for this article.