Top vodka brand Stoli files for bankruptcy after ransomware attack
- At the end of November, Stoli filed for bankruptcy in the US
- Among several factors that led to the decision was an alleged ransomware attack that hampered the company’s operations
- We do not know who the attackers were or whether a ransom was paid
Stoli, a leading vodka brand with a global presence, filed for bankruptcy last week, media reports.
In the bankruptcy filing, the company listed many reasons for its financial shortcomings, including legal disputes with the Russian government, the country’s seizure of two distilleries worth about $100 million, and a ransomware attack that reportedly occurred in August this year would have taken place.
In the official document filed in Texas bankruptcy court late last month, the company’s CEO Chris Caldwell discussed the cyberattack. “In August 2024, Stoli Group’s IT infrastructure was severely disrupted due to a data breach and ransomware attack,” he said.
Unknown attackers
“The attack caused significant operational problems across all companies within the Stoli Group, including Stoli USA and KO, by disabling the Stoli Group’s Enterprise Resource Planning (ERP) system and affecting most of the Stoli Group’s internal processes (including accounting functions). were forced into a manual entry mode,” Caldwell continued.
The company is still working to restore its systems and does not expect it to be fully operational until the first quarter of 2025.
Aside from hampering daily operations, the ransomware attack also apparently made it difficult for the company to repay debts to its lenders. Unable to share current financials, lenders accused the company of defaulting on debt payments. The record reports.
It’s also worth pointing out that the company didn’t say who the attackers were, what they accomplished, whether or not they stole sensitive data, or how much money they asked for in return. Hackers usually flaunt their success on their data breach page, but in this case no one took responsibility for the attack. Sometimes, when victims pay the ransom amount, their names are removed from the leak sites.
However, they are usually listed first, as a way to pressure the victim to pay.
Via The record