Cybersecurity Breach: LockBit 3.0 Ransomware Attack on Sagacious Research Private Limited
Incident Date:
April 18, 2024
Overview
Title
Cybersecurity Breach: LockBit 3.0 Ransomware Attack on Sagacious Research Private Limited
Victim
Sagacious Research Private Limited
Attacker
Lockbit3
Location
First Reported
April 18, 2024
Ransomware Attack on Sagacious Research Private Limited by LockBit 3.0
Company Overview
Sagacious Research Private Limited, incorporated on February 29, 2008, is a prominent player in the intellectual property (IP) research and consulting sector. The company specializes in patent research, intellectual property research, patent litigation, and patent drafting solutions. With a revenue range between INR 1 crore and 100 crores for the fiscal year ending March 31, 2023, Sagacious Research has shown robust financial growth, with a 36.48% increase in EBITDA and a 38.42% rise in book net worth over the previous year.
The firm employs between 201 and 500 individuals across its global offices in India, the USA, China, and Canada, positioning it as a significant entity with a diverse workforce and extensive operational reach.
Ransomware Attack Details
The LockBit 3.0 ransomware group, also known as LockBit Black, has claimed responsibility for a cyberattack on Sagacious Research Private Limited. This attack resulted in the exfiltration of approximately 4.4 terabytes of sensitive data, including customer patents, drawings, and confidential correspondence. The compromised data encompasses a wide array of documents from cloud storage, NDA/restricted files, employee computer files, backups, financial records, and detailed business processes.
Implications
The breach exposes significant vulnerabilities within Sagacious Research's cybersecurity measures, particularly in protecting intellectual property and sensitive client information. The scale of the data breach and the nature of the stolen documents could potentially lead to substantial financial and reputational damage, affecting client trust and competitive positioning in the IP research and consulting industry.
Ransomware Group Profile
LockBit 3.0, an evolution of the earlier LockBit ransomware iterations, operates under a Ransomware-as-a-Service (RaaS) model. This group is known for its aggressive targeting tactics and has been involved in numerous high-profile ransomware attacks globally. The ransomware is designed to encrypt files, alter filenames, change desktop wallpapers, and leave a ransom note, making it particularly disruptive.
Sources
- Tofler: Sagacious Research Private Limited Company Profile
- Growjo: Sagacious IP
- AmbitionBox: Sagacious Research Overview
- Owler: Sagacious Research
- Craft: Sagacious Research
- VMware Security Blog: LockBit 3.0
- SentinelOne: LockBit 3.0
- Trend Micro: LockBit Ransomware Group
- Times of India: LockBit 3.0
- Wazuh Blog: Detecting LockBit 3.0 Ransomware
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.