REvil is reportedly behind the attack against the Spanish railway manager ADIF and claimed to have stolen over 800 GB of data.
Ransomware gang REvil stole over 800 GB of data from ADIF, the Spanish state-owned railway infrastructure manager, after a successful attack deployed on their systems.
According to El Español, the authorship of the cyberattack belongs to the well-known ransomware group after they published a post on the official darknet website of REvil on July 22, who boasted of adding another victim.
The cybercriminals claimed to have caught over 800 GB in data from the servers of ADIF, although it’s not confirmed how they managed to breach the security of the railway infrastructure manager based in Madrid.
REvil didn’t disclose major information on which kind of data they stole, but a screenshot published by the gang in the blog post shows some files that could contain personal data, letters, contracts, and account information of ADIF.
The vulnerability could have not been patched yet
The report states that the ransomware gang claimed to have the capabilities to keep downloading data from ADIF’s IT systems, suggesting that the attack is still underway due to a vulnerability that hasn’t been patched so far if they don’t pay for the requested ransom, which is unknown as of press time.
However, the Spanish state-owned company issued a comment on the attack:
"At no time has the infrastructure been affected, always guaranteeing the proper functioning of all our services.