LockBit 3.0 Ransomware Attack on A Step Ahead Foot & Ankle Center

Incident Date:

May 9, 2024

World map

Overview

Title

LockBit 3.0 Ransomware Attack on A Step Ahead Foot & Ankle Center

Victim

A Step Ahead Foot & Ankle Center

Attacker

Lockbit3

Location

Fort Collins, USA

Colorado, USA

First Reported

May 9, 2024

Ransomware Attack on A Step Ahead Foot & Ankle Center by LockBit 3.0

Company Profile

A Step Ahead Foot & Ankle Center is a podiatry practice with three locations in Fort Collins, Loveland, and Cheyenne. The company specializes in the diagnosis and treatment of foot, ankle, and lower leg problems. The company size consists of 14 employees, and they offer a wide range of services including foot surgery, orthotics, laser treatment, peripheral neuropathy care, and senior foot care. A Step Ahead Foot & Ankle Center was founded with the goal of helping patients keep their feet healthy and functioning for life.

Attack Details

A Step Ahead Foot & Ankle Center experienced a cyber incident wherein they were targeted by the LockBit 3.0 ransomware attack on their website, asafoot.com. The cybercrime group responsible, LockBit 3.0, utilized ransomware to compromise the website. Although specific details regarding the ransom demand were not disclosed, the attackers managed to exfiltrate 30.6 GB of sensitive data, including customer, financial, and medical information. LockBit 3.0 is known for its advanced infection techniques, customization options, and the ability to propagate laterally through a network via group policy updates, rendering it a significant threat in the cybersecurity landscape.

LockBit May Attacks

This is part of the May 2024 attacks by LockBit 3.0, where the cybercriminal group resurfaced with vigor following the disruption of its infrastructure in February during "Operation Cronos." Despite law enforcement efforts, LockBit swiftly returned, targeting over 50 victims within hours of reactivating its platform. The group's adaptability and global reach highlight the need for enhanced international cooperation to combat cybercrime effectively.

Sources:

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.