‘Boggi Milano’ Ripped by the Ragnarok Ransomware Actors

  • The Ragnarok ransomware group hit ‘Boggi Milano’ and stole 40 GB of data from the fashion chain.
  • The actors have leaked some payment-related documents onto their leak portal, but nothing appears to be damaging.
  • All websites of the brand are up and running, so the incident didn’t have a significant effect on the firm’s operations.

Italian fashion clothing chain ‘Boggi Milano’ has suffered a ransomware attack by the Ragnarok group of actors, who appear to have stolen 40 gigabytes of data in the process. We have visited the brand’s website and tested out regional domains. Everything is up and running, so the security incident doesn’t appear to have had a significant impact on the operations. This was also confirmed by a company representative, who stated that they are simply taking the matter to the law authorities for further investigation.

With the help of KELA, we were able to find the first leaked samples on the dark web in order to determine if customer data is included in the exfiltrated files. From what we were able to discern, judging by the filenames presented on the leak portal, the actors may have stolen payroll files, payment PDFs, vouchers, liability documents, tax-related files, etc.

Source: KELA
Source: KELA

Also, we have seen several “test” files being listed, which could mean that the actors got to exfiltrate practically worthless documents that web developers use for online shop testing. All in all, we didn’t see any client details, which is a good sign. However, we should point out that the extortion process typically starts with the leaking of less critical documents and then escalates to more damaging stuff. Hopefully for Boggi Milano and its customers, it won’t be the case this time.

Since the authorities in Italy have been informed and are investigating this incident, the consumer data protection agency that is going to ascertain any potential GDPR violations should be involved too. Boggi Milano has a business presence in other European countries too, and in total, the brand operates 200 stores in 38 countries around the world.

For now, details about the requested ransom amount haven’t been published, so we don’t know what the firm is dealing with or if they are planning to engage with the actors and negotiate anything. Judging from their frigid first statement, they are most probably looking to disregard the incident as insignificant.

How to Watch Hard Knocks Season 18 Online From Anywhere
Ahead of the 2022 NFL season that's scheduled to begin on September 8, we will be treated to an interesting show that...
How to Watch Reasonable Doubt Season 5 Online From Anywhere
Reasonable Doubt is back with a new season that aims to expose flaws in the legal system and overturn guilty verdicts in...
How to Watch Black Ink Crew: Chicago Season 8 Online From Anywhere
The Chicago Black Ink Crew spin-off will launch a new season soon, and you'll be streaming its episodes online on your favorite...
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari