Flavour and fragrance developer attacked by Clop ransomware

Edward Kost
Edward Kost
December 22, 2020

Symrise, a flavour and fragrance developer for Nestle and Coca-Cola has had its sensitive data stolen and encrypted in a Clop ransomware attack.

The Clop malware was injected into the Symrise network through a successful email phishing attack. In such cyber attacks, seemingly innocuous emails are infiltrated with malicious links that initiate malware downloads. 

The cyber attack encrypted 1000 device on the Symrise network and exfiltrated 500 GB of unencrypted data from its servers.

Following classical double-extorsion methods, Clop posted evidence of the breached data on its data leak site, exposing, passport images, audit reports and even confidential fragrance ingredients.

Symrise data breach leak
Leaked evidence of Symrise cyber attack - source: bleepingcomputer.com

If Symrise refuses to pay Clop’s ransom price, the remainder of its breached data will be published on the dark web.

The ransom price for Symrise’s seized data is unknown.

Clop ransomware has also been repeatedly attacking the Australian Health Sector, prompting an official alert by the Australian Cyber Security Centre (ACSC).

How secure is Symrise?

Symrise is a global supplier of inspiring fragrances, flavors, natural nutrition and cosmetic ingredients solutions.
  • Check icon
    View our free preliminary report on Symrise’s security posture
  • Check icon
    13 risk factors, including email security, SSL, DNS health, open ports and common vulnerabilities
Security ratings
Abstract shape
Deliver icon

Sign up for our newsletter

Stay up-to-date on everything UpGuard with our monthly newsletter, full of product updates, company highlights, free cybersecurity resources, and more.
UpGuard customer support teamUpGuard customer support teamUpGuard customer support team

Protect your organization

Get in touch or book a free demo.
Free instant security score

How secure is your organization?

Request a free cybersecurity report to discover key risks on your website, email, network, and brand.
  • Check icon
    Instant insights you can act on immediately
  • Check icon
    Hundreds of risk factors including email security, SSL, DNS health, open ports and common vulnerabilities
Website Security scan resultsWebsite Security scan rating