{
	"id": "71365eee-433f-4430-932f-f9f35826ef54",
	"created_at": "2026-04-06T00:09:19.006647Z",
	"updated_at": "2026-04-10T13:11:25.870471Z",
	"deleted_at": null,
	"sha1_hash": "d723e617a5f1c2afdbfba7e3373626bb58bbd78b",
	"title": "Computer memory maker ADATA hit by Ragnar Locker ransomware",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 2654849,
	"plain_text": "Computer memory maker ADATA hit by Ragnar Locker ransomware\r\nBy Sergiu Gatlan\r\nPublished: 2021-06-08 · Archived: 2026-04-05 17:43:47 UTC\r\nTaiwan-based leading memory and storage manufacturer ADATA says that a ransomware attack forced it to take systems\r\noffline after hitting its network in late May.\r\nADATA manufactures high-performance DRAM memory modules, NAND Flash memory cards, and other products,\r\nincluding mobile accessories, gaming products, electric power trains, and industrial solutions.\r\nThe company was ranked as the second-largest DRAM memory and solid-state drives (SSD) maker in 2018.\r\nhttps://www.bleepingcomputer.com/news/security/computer-memory-maker-adata-hit-by-ragnar-locker-ransomware/\r\nPage 1 of 5\n\n0:00\r\nhttps://www.bleepingcomputer.com/news/security/computer-memory-maker-adata-hit-by-ragnar-locker-ransomware/\r\nPage 2 of 5\n\nVisit Advertiser websiteGO TO PAGE\r\nADATA confirms May ransomware attack\r\nThe Taiwanese memory manufacturer took down all impacted systems after detecting the attack and notified all relevant\r\ninternational authorities of the incident to help track down the attackers.\r\n\"ADATA was hit by a ransomware attack on May 23rd, 2021,\" the company told BleepingComputer in an email statement\r\ntoday.\r\nADATA's business operations are no longer disrupted according to the memory maker, with affected devices being restored\r\nand services closing regular performance.\r\n\"The company successfully suspended the affected systems as soon as the attack was detected, and all following necessary\r\nefforts have been made to recover and upgrade the related IT security systems,\" ADATA added.\r\n\"Gladly things are being moved toward the normal track, and business operations are not disrupted for corresponding\r\ncontingency practices are effective.\r\n\"We are determined to devote ourselves making the system protected than ever, and yes, this will be our endless practice\r\nwhile the company is moving forward to its future growth and achievements.\"\r\nRagnar Locker ransomware claims the attack\r\nADATA did not provide information on the ransomware operation behind the incident or any ransom demands. However,\r\nthe attack has already been claimed over the weekend by the Ragnar Locker ransomware gang.\r\nRagnar Locker says that they have allegedly stolen 1.5TB of sensitive data from ADATA's network before deploying the\r\nransomware payloads.\r\nSo far, the ransomware gang has only posted screenshots of stolen files and folders as proof of their claims, but they are\r\nthreatening to leak the rest of the data if the memory manufacturer doesn't pay the ransom.\r\nAccording to the screenshots already posted by Ragnar Locker on their dark web leak site, the attackers could collect and\r\nexfiltrate proprietary business information, confidential files, schematics, financial data, Gitlab and SVN source code, legal\r\ndocuments, employee info, NDAs, and work folders.\r\nhttps://www.bleepingcomputer.com/news/security/computer-memory-maker-adata-hit-by-ragnar-locker-ransomware/\r\nPage 3 of 5\n\nRagnar Locker ransomware activity was first observed being deployed in attacks against several targets in late December\r\n2019.\r\nOn compromised enterprise endpoints, Ragnar Locker operators terminate remote management software (such as\r\nConnectWise and Kaseya) used by managed service providers (MSPs) to manage clients' systems remotely.\r\nThis allows the attackers to evade detection and ensure that admins logged in remotely do not block the payload deployment\r\nprocess.\r\nThe FBI warned private industry partners of increased Ragnar Locker ransomware activity after an April 2020 attack that\r\nimpacted the network of multinational energy giant Energias de Portugal (EDP).\r\nAs seen by BleepingComputer, Ragnar Locker ransom demands range from $200,000 to roughly $600,000. However,\r\nRagnar Locker demanded a ransom of 1580 bitcoins (the equivalent of over $10 million) in EDP's case.\r\nhttps://www.bleepingcomputer.com/news/security/computer-memory-maker-adata-hit-by-ragnar-locker-ransomware/\r\nPage 4 of 5\n\nAutomated Pentesting Covers Only 1 of 6 Surfaces.\r\nAutomated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the\r\nother.\r\nThis whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic\r\nquestions for any tool evaluation.\r\nSource: https://www.bleepingcomputer.com/news/security/computer-memory-maker-adata-hit-by-ragnar-locker-ransomware/\r\nhttps://www.bleepingcomputer.com/news/security/computer-memory-maker-adata-hit-by-ragnar-locker-ransomware/\r\nPage 5 of 5",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://www.bleepingcomputer.com/news/security/computer-memory-maker-adata-hit-by-ragnar-locker-ransomware/"
	],
	"report_names": [
		"computer-memory-maker-adata-hit-by-ragnar-locker-ransomware"
	],
	"threat_actors": [],
	"ts_created_at": 1775434159,
	"ts_updated_at": 1775826685,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/d723e617a5f1c2afdbfba7e3373626bb58bbd78b.pdf",
		"text": "https://archive.orkl.eu/d723e617a5f1c2afdbfba7e3373626bb58bbd78b.txt",
		"img": "https://archive.orkl.eu/d723e617a5f1c2afdbfba7e3373626bb58bbd78b.jpg"
	}
}