Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Insurance Firm. Show all posts

Lockbit 3.0 Ransomware Targets UK-Based Kingfisher Insurance

 

Earlier this week, UK insurer Kingfisher Insurance's name appeared on the LockBit ransomware gang’s leak site alongside claims of 1.4TB of the firm`s data having been siphoned, including private data of staff and users. 

The malicious gang set a deadline of 28 November to fulfill its demands and in case the firm fails to adhere to their demand, it will be releasing the siphoned data to the public. Kingfisher appears alongside six other firms the gang claims to have hacked this month. 

The company acknowledged the attack on its IT systems however they have denied the size of the data breached. 

According to LockBit, the siphoned data includes private data of staff and customers as well as contacts and corporate mail archives belonging to Kingfisher. The hackers published multiple email addresses linked to Kingfisher Insurance staff, as well as passwords to several management system accounts, such as Workday and Access on their site. 

According to the Kingfisher’s representative, the company blocked all external access and exploited servers were brought offline as soon as the cyberattack became known. Kingfisher owns multiple high-profile UK insurance brands, such as Classic Insurance Services, ClubCare Insurance, Cork Bays & Fisher, and First Insurance. 

LockBit 3.0 flexing its muscles 

According to research from security vendor CyberInternational, LockBit is the most active ransomware gang in the third quarter of 2022, launching 37% of the ransomware attacks, a surge of 5% since the previous quarter. Since its emergence in 2019, LockBit has continued to operate as a ransomware-as-a-service (RaaS) by recruiting hackers to infiltrate networks and encrypt devices. 

Earlier this year in, the gang targeted global private and public sectors including the Italian tax offices, the cybersecurity firm Mandiant and NHS supplier Advanced. The latter attack led to disruptions to the NHS’s 111 service. 

In the same month, LockBit received a taste of its own medicine when anonymous hackers launched a DDoS attack on its dark web server containing leaks from companies the gang has ransomed. At the time of the attack, LockBit was receiving “400 requests a second from over 1,000 servers”.