LockBit 3.0 Ransomware Attack on 21st Century HealthCare, Inc.

Incident Date:

May 10, 2024

World map

Overview

Title

LockBit 3.0 Ransomware Attack on 21st Century HealthCare, Inc.

Victim

21st Century HealthCare, Inc.

Attacker

Lockbit3

Location

Tempe, USA

Arizona, USA

First Reported

May 10, 2024

Ransomware Attack on 21st Century HealthCare, Inc.

Victim Profile

21st Century HealthCare, Inc. is a company specializing in dietary supplements, based in Tempe, Arizona. The company was founded in 1991 and has a revenue of $168.8 million, employing 500 individuals. They offer a full line of high-quality vitamins and supplements, focusing on individual wellness needs since their inception.

Company Overview

21st Century Vitamins is known for providing a wide range of guaranteed highest quality vitamins and supplements. Their products cater to diverse requirements and are manufactured with the finest ingredients available. The company emphasizes quality in their manufacturing processes and has a strong online presence, allowing customers to purchase products through their website and platforms like Amazon Prime.

Standout Features

The company's commitment to quality is evident in their manufacturing processes, which ensure the highest standards of purity and potency. They have a significant global presence, with products sold in over 50 countries, showcasing their dedication to providing access to high-quality supplements worldwide. Additionally, 21st Century Vitamins supports their products with scientific research, emphasizing the importance of nutrients like vitamin B12 for various dietary needs.

Vulnerabilities

21st Century HealthCare, Inc. may have been targeted by threat actors due to the sensitive nature of their business, handling dietary supplements that are consumed by individuals. The company's large revenue and employee count could have made them an attractive target for ransomware groups seeking financial gain. Additionally, their strong online presence and global reach may have exposed them to cyber threats.

Ransomware Group Details

The LockBit 3.0 ransomware group, also known as LockBit Black, is a Ransomware-as-a-Service (RaaS) group that has been actively recruiting affiliates since January 2020. LockBit 3.0 is considered one of the most dangerous ransomware threats, with advanced features like file encryption, desktop modifications, and lateral movement capabilities within networks. The group has targeted a wide range of organizations globally, including major companies like Boeing and ICBC.

target for cybercriminals seeking financial gain through ransomware attacks.

LockBit May Attacks

This ransomware attack on 21st Century HealthCare, Inc. is part of the May 2024 attacks by LockBit 3.0. The cybercriminal group resurfaced with vigor following the disruption of its infrastructure in February during "Operation Cronos." Despite arrests and the dismantling of its data leak site, LockBit swiftly returned, targeting over 50 victims within hours of reactivating its platform.

Sources:

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.