ragnarlocker attacks Dollmar S.P.A

Incident Date:

October 18, 2022

World map



ragnarlocker attacks Dollmar S.P.A


Dollmar S.P.A




Settala, Italy

, Italy

First Reported

October 18, 2022

Ragnar Locker Cyberattack on Dollmar Spa

The infamous gang of cybercriminals Ragnar Locker, hits the Italian company Dollmar spa that is fighting with ransomware.

Ragnar Locker has published a notice on the data leak site (DLS) which reports the following:

Oggi pubblichiamo qui la nuova azienda, "Dollmar".
Il nostro cliente è stato informato delle vulnerabilità e del potenziale rischio di fuga di dati. Sfortunatamente la direzione di "Dollmar" non era pronta a risolvere questo problema e ha consentito la fuga di dati.
In base alle nostre regole, stiamo pubblicando l'intero volume di dati che è stato compromesso.
Le organizzazioni che raccolgono e archiviano dati privati dovrebbero essere responsabili della sua privacy.

Di seguito puoi trovare il link con tutti i Dati sensibili:

And in fact they make about 35GB of the company available for public download, as reported by their internal “policies”, after the payment of the ransom has not taken place.

Impact of the Data Leak

The publication of a post on a cybergang data leak site, as RHC readers know, generally occurs when the company is reticent or has not paid the ransom for the blocking of IT infrastructures carried out with ransomware.

In this way, by threatening the publication of the data in their possession, the pressure on the violated organization increases, hoping that the payment will happen faster. But in this case the full release happened, so all the loot in possession of Ragnar Locker is now online.

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.