Saturday, June 15, 2024

British Company Kingfisher Insurance Confirms LockBit Attack

Earlier this week, Kingfisher’s name appeared on the LockBit ransomware group’s leak site alongside claims of 1.4TB of the company`s data having been stolen, including personal details of employees and customers.

The company acknowledged the attack on its IT systems but claims threat actors couldn`t have stolen as much data as they claimed.

More on the Matter

On Monday, claims about a breach targeting the servers of the British Kingfisher Insurance company have surfaced on LockBit’s leak site. According to the ransomware gang, the dataset includes personal data of employees and customers as well as contacts and corporate mail archives belonging to Kingfisher, as well as well as one of the company’s vehicle insurance brands, First Insurance.

The threat actors posted several email addresses that appear to belong to Kingfisher Insurance staff, as well as passwords to several management system accounts, such as Workday and Access.

Cybernews describes Kingsfisher as a UK insurance company owning several prominent UK-based insurance brands, such as Classic Insurance Services, ClubCare Insurance, Cork Bays & Fisher, First Insurance to name a few.

The British company’s IT team reportedly took to blocking all external access and affected servers were brought offline as soon as the cyberattack became known, but the investigation concluded that business operations have not been impacted.

It is impossible for the criminal group behind this incident to have taken 1.4TB of data from the servers they indicate.


LockBit as a Threat

A report by threat intelligence firm Digital Shadows shows that in the second quarter of 2022, LockBit was the most active group in the cybercrime underworld holding a record for the highest number of victims in a quarter, specifically 231 victims.

Recommended:  Cyber Today - China stocking up vulnerabilities, Feds seizes 50,000 bitcoin, DOJ takes down Z-Library

LockBit has been a constant threat since 2019, working as a ransomware-as-a-service (RaaS) by recruiting threat actors to breach networks and encrypt devices, while also releasing a second and even a third generation of malware.

Suggest an edit to this article

Cybersecurity Knowledge Base

Latest Cybersecurity News

Cybersecurity Academy



Stay informed of the latest Cybersecurity trends, threats and developments. Sign up for our Weekly Cybersecurity Newsletter Today.

Remember, CyberSecurity Starts With You!

  • Globally, 30,000 websites are hacked daily.
  • 64% of companies worldwide have experienced at least one form of a cyber attack.
  • There were 20M breached records in March 2021.
  • In 2020, ransomware cases grew by 150%.
  • Email is responsible for around 94% of all malware.
  • Every 39 seconds, there is a new attack somewhere on the web.
  • An average of around 24,000 malicious mobile apps are blocked daily on the internet.
ClosePlease login
Share the word, let's increase Cybersecurity Awareness as we know it
- Sponsored -

Sponsored Offer

Unleash the Power of the Cloud: Grab $200 Credit for 60 Days on DigitalOcean!

Digital ocean free 200

Discover more infosec

User Avatar
Steven Black (n0tst3)
Hello! I'm Steve, an independent security researcher, and analyst from Scotland, UK. I've had an avid interest in Computers, Technology and Security since my early teens. 20 years on, and, it's a whole lot more complicated... I've assisted Governments, Individuals and Organizations throughout the world. Including; US DOJ, NHS UK, GOV UK. I'll often reblog infosec-related articles that I find interesting. On the RiSec website, You'll also find a variety of write-ups, tutorials and much more!

more infosec reads

Subscribe for weekly updates