ransomhouse attacks ADATA

Incident Date:

October 12, 2022

World map



ransomhouse attacks ADATA






Brea, USA

California, USA

First Reported

October 12, 2022

ADATA Ransomware Attack: A Data Leak from 2021

Overview of the Incident

In October 2022, the ransomware group RansomHouse publicly claimed responsibility for a cyberattack on ADATA, a leading Taiwanese chip manufacturer, and disclosed stolen files on their data leak site. Contrary to these claims, ADATA clarified that the exposed files were associated with a May 2021 RagnarLocker ransomware attack, during which approximately 1.5 TB of data was exfiltrated. The company emphasized that it had not been subjected to a recent cyberattack, highlighting the robust protection measures implemented post the 2021 incident.


ADATA Technology operates within the global manufacturing sector, specializing in the production of memory solutions, including memory cards, USB drives, and solid-state drives (SSDs). The company's official website (https://www.adata.com/us/) features a system upgrades advisor tool, designed to assist users in identifying compatible memory products for their systems.

Details of the 2021 RagnarLocker Ransomware Attack

The RagnarLocker ransomware attack in May 2021 led to a significant data breach, with 700 GB of sensitive data being leaked. This cyberattack compelled ADATA to temporarily shut down its systems. The attackers demanded a ransom in return for a decryption key, a prevalent strategy employed in ransomware campaigns. Ransomware, a malicious software variant, encrypts files on the infected device, making them inaccessible, and often threatens to publish or sell the stolen data unless a ransom is paid.

RansomHouse's Claims and Operations

RansomHouse, which emerged in 2021, has been implicated in several high-profile cyberattacks, targeting entities such as AMD and Shoprite Holdings. Despite claiming not to deploy ransomware in its operations, the group has been associated with encryption-based attacks, notably through the dissemination of White Rabbit ransom notes. This contradiction underscores the evolving tactics of cybercriminal groups and the complexity of attributing cyberattacks definitively.

While ADATA has refuted the occurrence of a recent cyberattack, the situation underscores the persistent risk of ransomware attacks facing businesses. It also highlights the critical importance of implementing and maintaining robust cybersecurity defenses to mitigate the impact of such threats.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.