The Stoli Group USA filed for Chapter 11 bankruptcy in November 2024 because a ransomware attack in August 2024 disabled its Enterprise Resource Planning (ERP) system. The resulting disruption forced the company to use manual bookkeeping, preventing it from meeting critical debt reporting requirements for its lenders.
The Stoli Group USA, a major importer and distributor of liquor brands, faced a catastrophic business failure following a cyber attack that crippled its global operations. When the ransomware attack disabled the organization’s centralized ERP system, the company lost the ability to perform standard accounting and reporting functions. Because these critical business processes could not be restored quickly—with estimates suggesting systems would remain down until at least the first quarter of 2025—the company was unable to comply with the reporting requirements mandated by its lenders. This failure to provide necessary financial data directly necessitated the Chapter 11 bankruptcy filing. This incident highlights the extreme operational and financial risks organizations face when their ERP systems are not adequately protected against modern cyber threats.
Key Takeaways
- A ransomware attack disabled Stoli Group USA’s ERP system in August 2024.
- The system disruption forced the company to rely on manual bookkeeping for all business activities.
- Inability to meet lender debt reporting requirements led directly to a Chapter 11 bankruptcy filing.
- ERP systems are projected to remain in recovery until at least the first quarter of 2025.
- Ransomware recovery costs increased by 50% in 2024, with average payments reaching $2 million.
What is the impact of ransomware on modern organizations?
Ransomware remains a pervasive threat, with 59% of organizations experiencing attacks according to recent industry data. The financial consequences are escalating rapidly: recovery costs increased by 50% in 2024 compared to the previous year, and 56% of organizations report paying ransoms to regain access to their data. Furthermore, the average ransom payment has surged from $400,000 in 2023 to $2 million in 2024.
How can organizations protect ERP systems from ransomware?
Protecting business-critical ERP solutions—including SAP ERP and S/4HANA—requires automated, proactive security measures. Specialized tools like the Cybersecurity Extension for SAP are designed to defend against ransomware by automating vulnerability management, patch management, custom code security, and threat detection. These solutions ensure that organizations can maintain the integrity and availability of their financial and operational systems, even in the event of an attempted cyber attack.
FAQ
Why did Stoli Group USA file for bankruptcy after a cyber attack?
Stoli filed for bankruptcy because the ransomware attack disabled their centralized ERP system. This forced the company to use manual bookkeeping, which made it impossible to meet the debt reporting requirements mandated by their lenders.
How long were Stoli Group USA’s systems disrupted?
The attack occurred in August 2024, and the company indicated that its centralized ERP systems would not be fully restored until at least the first quarter of 2025.
What is the average cost of a ransomware payment in 2024?
According to the State of Ransomware report, the average ransom payment rose to $2 million in 2024, up from $400,000 in 2023.