Vice Society publishes data stolen during Vesuvius ransomware attack

Graham Cluley

Vice Society publishes data stolen during Vesuvius ransomware attack

A notorious ransomware gang has claimed responsibility for a cyber attack against Vesuvius, the London Stock Exchange-listed molten metal flow engineering company.

The Vice Society ransomware gang has published on the dark web files that it stole from Vesuvius, one month after the company announced that it had suffered a “cyber incident.”

Vesuvius leak

Amusingly, Vice Society included a confidentiality notice alongside the link through which the stolen files can be downloaded:


This leak, contains many confidential files which may also be privileged or otherwise protected by work product immunity or other legal rules. Any unauthorized review, disclosure, copying, distribution or use of this information is strictly prohibited.

The Company accepts no liability for the content of this leak or for the consequences of any actions taken on the basis of the information it contains. “Vice Society”

As if the Vice Society ransomware gang gives a damn about anyone’s confidentiality, other than its own.

The publication of the files suggests that negotiations between Vesuvius and its attackers have not gone in the direction Vice Society would desire… and that it is unlikely to receive a ransom from the British steel supplier.

EmailSign up to our newsletter
Security news, advice, and tips.

Is it me, or does it feel like more and more corporate victims of ransomware attacks are calling the bluff of their extortionists?

Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.

Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, on Mastodon at @[email protected], or drop him an email.

One comment on “Vice Society publishes data stolen during Vesuvius ransomware attack”

  1. A person

    I am interested to know what you mean by "calling their bluff"? Because if they were bluffing, they wouldn't have had any data to publish. Whether or not they were able to decrypt the files without the key that Vice Society has (which is unlikely), their reputation as a company that can be trusted by others with sensitive information is no more. Plus, now anyone who wanted to know their trade secrets has a way to access it for free, whenever they want. I'm sure Vesuvius has the kind of money that they could have swept this under the rug by paying, but instead, they are exposed. It's pretty simple, tbh.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.