In a message posted to a leak site related to the REvil ransomware, the hackers threatened to publish the data if Adif did not make contact.

“Simultaneously with the publication, the third attack will follow,” the message reads. “We will continue to download your data until you contact us.”

Adif confirmed to IRJ that a cyberattack using ransomware software had been controlled by its internal security services.

“The infrastructure has not been affected at any time, and the correct functioning of all its services has been guaranteed,” the company says. “Adif, aware of being the manager of a critical infrastructure such as the exploitation of the railway network, considers cybersecurity as one of the pillars of comprehensive security.”

The attack comes after a similar event with Stadler, which had internal documents published online after it refused to pay a $US 6m ransom.