# Biotech research firm Miltenyi Biotec hit by ransomware, data leaked **[bleepingcomputer.com/news/security/biotech-research-firm-miltenyi-biotec-hit-by-ransomware-data-leaked/](https://www.bleepingcomputer.com/news/security/biotech-research-firm-miltenyi-biotec-hit-by-ransomware-data-leaked/)** Sergiu Gatlan By [Sergiu Gatlan](https://www.bleepingcomputer.com/author/sergiu-gatlan/) November 13, 2020 05:45 PM 0 Biomedical and clinical research company Miltenyi Biotec says that it has fully restored systems after a malware attack that took place last month and affected the firm's global IT infrastructure. Miltenyi Biotec's 2,500 employees from 28 countries are developing cell research and therapy products for clinicians and researchers who are working on covid-19 vaccines and treatments. It also provides SARS-CoV-2 antigens to researchers involved in SARS-CoV-2 vaccine development. ## Back up after restoring systems in roughly two weeks ----- During the last two weeks, there have been isolated cases where order processing was impaired by malware in parts of our global IT infrastructure," Miltenyi Biotec said in an official statement. "Rest assured, all necessary measures have now been taken to contain the issue and recover all affected systems. Based on our current knowledge, we have no indication that the malware has been inadvertently distributed to customers or partners." At the moment, the company said that it has successfully restored all operational processes impacted in last month's malware attack. However, the company is still facing issues in some countries with their email and telephone systems. Miltenyi Biotec added that customers should expect order delays caused by the temporary operational issues affecting systems during the last two weeks. Clients are also advised to reach out whenever they have to deal with any urgent cases that required immediate assistance. "Please accept our apologies for any inconvenience this may have caused you," Miltenyi Biotec added. Customers experiencing difficulties can reach out using a list of alternative contact numbers [available here.](https://www.miltenyibiotec.com/US-en/about-us/customer-technical-support-1.html) ## Mount Locker ransomware attack Even though Miltenyi Biotec has not disclosed the nature of the malware that caused the operational downtime during the last two weeks, the Mount Locker ransomware gang has claimed the attack earlier this month. The ransomware actors have leaked 5% out of the 150 GB of data they claim to have stolen from the company's network on their data leak site on November 4, 2020, in the form of a ZIP archive containing just over 1 GB of Miltenyi Biotec documents. [Mount Locker ransomware became operational in July 2020 after they started to breach](https://www.bleepingcomputer.com/news/security/mount-locker-ransomware-joins-the-multi-million-dollar-ransom-game/) corporate networks, stealing sensitive data and deploying payloads to encrypt systems on the victims' network. Mount Locker ransom notes seen by BleepingComputer show that, in some cases, the Mount Locker ransomware gang is demanding multi-million dollar ransoms. ----- **Mount Locker ransom note** The gang [launched a 'Mount Locker News & Leaks' site used to publish the stolen files of](https://www.bleepingcomputer.com/news/security/mount-locker-ransomware-joins-the-multi-million-dollar-ransom-game/) victims who refuse to pay the ransom. Mount Locker is also known for threatening victims to contact the media, TV channels, and newspapers if the ransom is not paid. Unfortunately, Mount Locker ransomware uses ChaCha20 + RSA-2048 and, at the moment, there is no way to recover encrypted files for free. BleepingComputer reached out to a Miltenyi Biotec spokesperson for additional details but did not hear back at the time of publication. ### Related Articles: [BlackCat/ALPHV ransomware asks $5 million to unlock Austrian state](https://www.bleepingcomputer.com/news/security/blackcat-alphv-ransomware-asks-5-million-to-unlock-austrian-state/) [Windows 11 KB5014019 breaks Trend Micro ransomware protection](https://www.bleepingcomputer.com/news/security/windows-11-kb5014019-breaks-trend-micro-ransomware-protection/) [Industrial Spy data extortion market gets into the ransomware game](https://www.bleepingcomputer.com/news/security/industrial-spy-data-extortion-market-gets-into-the-ransomware-game/) [New ‘Cheers’ Linux ransomware targets VMware ESXi servers](https://www.bleepingcomputer.com/news/security/new-cheers-linux-ransomware-targets-vmware-esxi-servers/) [SpiceJet airline passengers stranded after ransomware attack](https://www.bleepingcomputer.com/news/security/spicejet-airline-passengers-stranded-after-ransomware-attack/) ----- [Mount Locker](https://www.bleepingcomputer.com/tag/mount-locker/) [Ransomware](https://www.bleepingcomputer.com/tag/ransomware/) [Research](https://www.bleepingcomputer.com/tag/research/) [Sergiu Gatlan](https://www.bleepingcomputer.com/author/sergiu-gatlan/) Sergiu Gatlan is a reporter who covered cybersecurity, technology, Apple, Google, and a few other topics at Softpedia for more than a decade. Email or Twitter DMs for tips. [Previous Article](https://www.bleepingcomputer.com/news/security/new-troublegrabber-discord-malware-steals-passwords-system-info/) [Next Article](https://www.bleepingcomputer.com/news/security/irs-announces-move-to-protect-businesses-from-identity-theft/) Post a Comment [Community Rules](https://www.bleepingcomputer.com/posting-guidelines/) You need to login in order to post a comment [Not a member yet? Register Now](https://www.bleepingcomputer.com/forums/index.php?app=core&module=global§ion=register) ### You may also like: -----