While many devices were encrypted, the attack campaign was largely unsuccessful as the threat actors failed to encrypt flat files, where the data for virtual disks are stored.