Ragnar Locker ransomware demanded 1580 bitcoin (approximately $11 million) as ransom from Portuguese electric utilities company Energias de Portuga (EDP).

As reported by Bleeping Computer, the operators of Ragnar Locker published a new post on their data leak website in which they claimed that they had stolen a large amount of data from the European energy company. They then threatened to publish this information if they didn’t receive their requested ransom payment of 1580 bitcoin.

A screenshot of Ragnar Locker’s EDP posting on its data leak website. (Source: Bleeping Computer)

We had downloaded more than 10TB of private information from EDP group servers. Below just a couple of files and screenshots from your network only as a proof of possession! At this moment current post is a temporary, but it could become a permanent page and also we will publish this Leak in Huge and famous journals and blogs, also we will notify all your clients, partners and competitors. So it’s depend on you make it confidential or public !

The sample of EDP’s leaked data included “edpradmin2.kdb,” a KeyPass password manager database. Employee logins and accounts also appeared in the stolen information.

EDP had not responded to Bleeping Computer’s request for comment at the time of writing.

Ragnar Locker, a threat which has a history of targeting MSP software, is not the first ransomware family that’s made the threat of leaking data on the web. In February 2020, for instance, researchers observed that the operators of DoppelPaymer ransomware had launched a site for publishing the data of their victims who didn’t pay the ransom. Less than a month later, the security firm uncovered a new ransomware family called “Nefilim” that told its victims it would publish their stolen data within a week unless they met its attackers’ demands.

Given this trend, organizations need to boost their defensive measures against ransomware. They can do this by taking steps to prevent a ransomware infection in the first place.