The attackers published screenshots of the company’s data on a website the hackers operate on the dark web.
The screenshots show employee passport and ID scans, employee emails, financial documents, and directories from the company’s internal network.
Software AG said that the ransomware attack only affected its internal network while customer cloud services were unaffected.
“The IT infrastructure of Software AG is affected by a malware attack since the evening of 3 October 2020. While services to its customers, including its cloud-based services, remain unaffected, as a result, Software AG has shut down the internal systems in a controlled manner in accordance with the company’s internal security regulations.” said a company statement.
A copy of the ransomware binary used against Software AG was discovered earlier this week by security researcher MalwareHunterTeam.
Software AG is an enterprise software company with over 10,000 enterprise customers in over 70 countries.
The company is the second-largest software vendor in Germany and the seventh-largest in Europe.
Software AG’s customers include organisations from government, banking, transportation, insurance, retail, and other sectors.