Security Market Segment LS
Saturday, 27 June 2020 07:15

Lion says all breweries up and running after Windows ransomware attack Featured

Lion says all breweries up and running after Windows ransomware attack Courtesy Lion

Australian drinks manufacturer Lion says it has managed to get all its breweries back up and running following an attack on its systems by a gang using the REvil ransomware that works only on Windows systems.

In an update issued on Friday, Lion said: "We are now brewing, kegging, packaging and distributing beer at our nine major breweries across Australia and New Zealand."

The company first revealed that its systems had been attacked on 9 June and has been providing regular updates since then. The company is a subsidiary of the Japanese beverage giant Kirin. According to Wikipedia, it has about 7000 employees and its 2015 revenue was $5.6 billion.

The company said in the Friday statement: "All our dairy and juice sites are operational as well; and across many parts of our business customers are once again able to place orders and view their invoices online. We are working hard to get all of our customer ordering platforms operational as soon as possible and we thank our customers for their patience during this very challenging period.

"Despite this progress, we do still expect to see some further disruptions as we continue to restore systems. We will continue to work with our team of experts to complete this work as quickly as possible, minimising any further disruptions, including to supply."

The gang behind the attack has demanded a ransom of US$800,000 to decrypt the files that were encrypted during the incident.

As iTWire has reported, security sources said on 17 June that that the group had given Lion time until 19 June to pay up, and threatened to double the ransom after that.

Lion said: "The timing of this attack — just as the hospitality industry is trying to get back on its feet post COVID-19 closures — could not have been more challenging for Lion and our industry partners.

"As we progress our recovery efforts, it is our number one priority to get back to our usual high standards of service levels before this cyber attack, and support our many valued business partners in what we hope will be a better second half of 2020.

"To date, we still do not have evidence of any data being removed. As we indicated last week, it remains a real possibility that data held on our systems may be disclosed in the future. Unfortunately, this is consistent with these types of ransomware attacks."

It said expert teams were doing all they could to investigate and if any cases of data being taken or misused were identified, it would contact the affected individuals directly.


Recently iTWire remodelled and relaunched how we approach "Sponsored Content" and this is now referred to as "Promotional News and Content”.

This repositioning of our promotional stories has come about due to customer focus groups and their feedback from PR firms, bloggers and advertising firms.

Your Promotional story will be prominently displayed on the Home Page.

We will also provide you with a second post that will be displayed on every page on the right hand side for at least 6 weeks and also it will appear for 4 weeks in the newsletter every day that goes to 75,000 readers twice daily.


talentCRU FREE WEBINAR INVITE - Cybersecurity in COVID-19 times and beyond

With the mass transition to remote working, our businesses are becoming highly dependent on the Internet.

So, it’s no surprise that we’ve seen an increase in cyberattacks.

However, what’s more concerning is that just 51% of technology professionals are highly confident that their cybersecurity teams are able to detect and respond to these threats.

Join us for this free online roundtable where our experts discuss key cybersecurity issues IT leaders are facing during the pandemic, and the challenges that will likely emerge in the coming years.


Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.



Recent Comments