Cybersecurity Breach: LockBit 3.0 Ransomware Attack on Tri-State Truck & Equipment

Incident Date:

April 17, 2024

World map



Cybersecurity Breach: LockBit 3.0 Ransomware Attack on Tri-State Truck & Equipment


Tristate Truck and Equip




Billings, USA

Montana, USA

First Reported

April 17, 2024

Ransomware Attack on Tri-State Truck & Equipment by LockBit 3.0

Company Overview

Tri-State Truck & Equipment, Inc., established in 1961, operates within the transportation sector, specializing in sales, parts, service, and rentals of construction equipment. The company boasts a skilled team of technicians and maintains partnerships with several prominent manufacturers to enhance service quality and parts availability. With locations across multiple states including Montana and Wyoming, Tri-State Truck & Equipment serves a significant regional customer base. Despite varying reports, the company's annual revenue is noted to be around $24 million, and it employs approximately 75 individuals.

Details of the Attack

The ransomware group LockBit 3.0, also known as LockBit Black, has recently claimed responsibility for an attack on Tri-State Truck & Equipment. This group, known for its disruptive capabilities, has targeted the company, leading to the encryption of sensitive data and the potential theft of "Very Private Data".

Vulnerabilities and Industry Impact

Like many in the transportation and equipment service industry, Tri-State Truck & Equipment, relies heavily on digital systems for inventory management, customer relations, and operations logistics. This dependency on technology, coupled with potentially inadequate cybersecurity measures, may have made them a prime target for LockBit 3.0. The attack not only threatens the privacy and security of the company's data but also highlights the broader vulnerabilities within the sector, especially for companies that might not have robust cybersecurity protocols in place.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.