Diebold Nixdorf, a major provider of automatic teller machines (ATMs) and payment technology to banks and retailers, has disclosed a cyber attack that caused only “a limited IT systems outage.” The company said the intrusion only impacted its corporate network and did not affect its ATMs or customer networks.
The attack was discovered on April 25, when the company’s security team detected an unusual activity on its corporate network. Diebold said it promptly disconnected systems on the affected network to contain the spread of the malware.
According to the investigator Brian Krebs, the systems at Diebold Nixdorf were infected by the ProLock ransomware previously known as PwndLocker. The company said it did not pay the ransom demanded by the attackers, and refused to discuss the ransom amount.
According to Lawrence Abrams of BleepingComputer, the ransom demanded for ProLock victims typically ranges in the six figures, from $175,000 to more than $660,000 depending on the size of the victim network.
Last week, Swiss rail vehicle construction company, Stadler, has revealed it has suffered a malware attack, which might have allowed the attackers to steal company and employee data.
“Stadler internal surveillance services found out that the company’s IT network has been attacked by malware which has most likely led to a data leak. The scale of this leak has to be further analyzed,” the company said in press release.
The Swiss manufacturer did not disclosed what type of malware was used in the attack, but said that the intruders were attempting to extort money from Stadler by threatening to make stolen data public, in an attempt to “harm Stadler and thereby also its employees.”