Hackers demand millions in ransom for stolen Stadler Rail documents

Stadler is unwilling to negotiate with the hackers. Keystone / Gian Ehrenzeller

The hackers who stole data from Swiss train manufacturer Stadler Rail in early May have demanded payment of a ransom of $6 million (CHF 5.8 million) in Bitcoin. 

This content was published on May 29, 2020 - 15:37
Keystone-SDA/ac

"Stadler is not and has never been willing to make payments to blackmailers and has not entered into negotiations," a spokesman for the company told press agency AWP on Friday, confirming a report in the Tages-Anzeiger newspaper.  

When faced with the company’s refusal to negotiate, the hackers published some of the stolen documents on the internet. A cache of internal Stadler documents was shared via an anonymous Twitter message. 

According to the message on the social network, accompanied by images, the perpetrators of the attack claim to have no less than 10,000 documents representing a data volume of 4 gigabits. The blackmailers gave Stadler a second chance to pay the ransom “before the publication of Part 2". 

According to the Tages-Anzeiger paper, the images published concern documents relating to loans and bank contracts as well as a tax agreement with the canton of Thurgau and a construction project in Altenrhein. However, the stolen data appears to be old documents. 

Stadler Rail revealed that it has initiated criminal proceedings and is cooperating with all the relevant authorities. At the beginning of May, the company's internal monitoring service had found that the computer network had been attacked. 

Other cyberattacks 

Around two weeks ago Swiss academic establishments were also victims of a separate cyberattack that targeted several research institutions in Europe. The attackers targeted supercomputers at leading Swiss research centres including the Swiss Federal Institutes of Technology in Zurich and Lausanne, as well as the University of Basel and the Swiss National Supercomputing Centre in Lugano.  

The intrusion is being investigated by the Reporting and Analysis Centre for Information Assurance (MELANI) commissioned by the government to protect critical infrastructures in Switzerland. 


This article was automatically imported from our old content management system. If you see any display errors, please let us know: community-feedback@swissinfo.ch

Share this story