The notorious LockBit ransomware group has claimed two more victims, adding to their dark web portal – Talon International Inc and Baldessari & Coster LLP. The gravity of the situation is exacerbated by the extensive data the hackers claim to have accessed, putting the security and confidentiality of critical information at risk.
According to the ransomware group’s post, Talon International Inc. faces the potential exposure of a staggering 300GB of sensitive data. This includes detailed information about clients, products, employees, financial records, and various working documentation.
The compromised data encompasses client databases, product details, employee information, financial documents, and confidential corporate materials. Notably, the hackers have set a deadline of 02 February 2024, 11:41:51 UTC, adding urgency to the situation.
Similarly, Baldessari & Coster LLP, a full-service Certified Public Accounting firm licensed in NY, is also under threat. The ransomware group posted information about the firm’s certification and set a deadline of 21 February 2024, 11:01:09 UTC for compliance with their demands.
Website Investigations: Suspicions Arise
Upon investigating the official websites of the targeted companies, suspicions arise. While Talon International’s website remains fully functional and accessible, Baldessari & Coster LLP’s site is not accessible. This discrepancy raises questions about the validity of the claims made by LockBit.
To verify the authenticity of the claims, The Cyber Express Team attempted to reach out to the targeted organizations. However, as of writing this report, no official response has been received. Whether the ransomware group’s actions are a mere tactic to gain attention, a technical glitch, or a genuine security breach remains unclear until official statements are released. Until then, the veracity of these claims remains unverified.
History of LockBit Ransomware Group Attack
This incident follows LockBit’s pattern of targeting entities and demanding ransom within a specified timeframe. In January 2024, the ransomware group announced three new victims – TV Jahn Rheine in Germany, Home Waremmien in Belgium, and Marxan S.L. Despite the announcement, the websites of these alleged victims showed no immediate signs of a LockBit ransomware attack.
Speculations suggest that the threat actor may have focused on compromising the databases rather than the front end of the websites, aligning with previous attacks on companies like Jasman Automotive and Subway.
Adding to the complexity, LockBit has recently listed a new organization based in Taiwan, Province of China, with 1,001-5,000 employees as its victim. This organization operates in the appliances, electrical, and electronics manufacturing sectors.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.