A U.S. travel management firm has paid out a fortune in bitcoin after its corporate files were locked up in a ransomware attack.
According to a report by Reuters
on Friday, travel firm CWT paid the 414 bitcoin ransom (worth $4.5 million at the time) as part of a deal to recover sensitive files encrypted by the Ragnar Locker ransomware that makes files inaccessible until a bounty has been paid.Hackers said 30,000 of the company's computers were caught up in the attack, although the number has since been disputed by a person familiar with the investigation, Reuters said.The conversation between the hackers and CWT was made public on Saturday, providing a rare insight into how the deal to recover the company's files was struck. In the conversation
, a CWT representative can be seen asking how to recover their files and what steps were needed to resolve the problem.The company subsequently confirmed in a statement that its systems were back online and that the incident had passed, but declined to comment further due to an ongoing investigation.CWT also said it had informed relevant U.S. and EU law-enforcement agencies immediately after becoming aware of the incident.