LockBit 3.0 Gang Allegedly Stole Thales Group's Data

Making the headlines

• The Lockbit group added Thales to the list of victims on October 31. After carrying out the Thales Group ransomware attack, the Lockbit gang is now threatening to publish stolen data by November 7.
• If the company does not pay the ransom, they might have to face the consequences, according to the Lockbit group.
• As of now, the Lockbit gang has yet to publish any samples of the alleged stolen data.
• Thales stated that it has not received any direct ransom notification from the gang.

The rise in LockBit’s activities

• Researchers from DarkFeed found that out of 230 victims, 103 were amassed by LockBit affiliates in just September.
• The cybercrime underworld's most active gang in Q2 2022, according to a report by Digital Shadows, was LockBit, which also held the record for the most victims (231) in a quarter.
• In total, LockBit has claimed 1,157 victims (during its career), far more than the ransomware gangs Conti (900), Hive (192), and BlackCat (177) combined.

Recent incidents

• Kingfisher Insurance, a British insurance provider, was most recently mentioned on LockBit's leak site. It claimed to have stolen 1.4 TB of data, including customer and employee personal information.
• Oomiya, a Japanese tech company, had its data stolen by a LockBit 3.0 ransomware offshoot, who then threatened to release the information if the company didn't pay the requested ransom.
• Microsoft Exchange servers were used earlier this year to spread the LockBit ransomware via an unreported zero-day weakness.

Conclusion