Ransomware payment disclosed by American Radio Relay League

BleepingComputer reports that the American Radio Relay League has confirmed a $1 million payment to the perpetrators of the "sophisticated" ransomware attack against its computer systems in May, which is believed to be the Embargo ransomware operation.

Such payment was provided not only to prevent exposure of the stolen data but also to secure decryption tool access for compromised systems, according to a statement from ARRL, which noted that while attackers initially sought an "exorbitant" amount for the decryptor, demands significantly dropped after realizing they had no access to valuable information. Aside from emphasizing that their insurance policy covered the $1 million payment, along with expenses associated with systems restoration, ARRL also disclosed the successful restoration of most systems impacted by the incident. However, all of the affected servers, most of which were for internal usage, would be restored under updated infrastructure guidelines and standards within the next two months, added ARRL.