LockBit 3.0 Ransomware Attack on ACLA-WERKE GmbH
Incident Date:
May 9, 2024
Overview
Title
LockBit 3.0 Ransomware Attack on ACLA-WERKE GmbH
Victim
ACLA-WERKE GMBH
Attacker
Lockbit3
Location
First Reported
May 9, 2024
Ransomware Attack on ACLA-WERKE GmbH by LockBit 3.0
Overview
Falling victim to a cybercrime attack orchestrated by the LockBit 3.0 ransomware group, ACLA-WERKE, a German company, encountered typical ransomware tactics where the attackers encrypted the company's data and demanded payment for its release.
Company Profile
ACLA-WERKE GmbH is headquartered in Köln, Germany. It specializes in manufacturing technical polyurethane elastomer products for the transport and materials handling sector, A. The company operates as a privately held entity in the business support services sector. With an estimated annual revenue ranging from $25-100 million, it sustains a workforce of 100-250 individuals. Renowned for its expansive product range, ACLA-WERKE GmbH produces over 20,000 distinct parts made of polyurethane for high-tech applications.
Vulnerabilities and Targeting
The significant presence of ACLA-WERKE GmbH in the manufacturing sector, coupled with its global footprint, likely attracted the attention of threat actors. Specializing in high-quality components for the automotive industry and technical polyurethane elastomer products, the company's operations present lucrative opportunities for cybercriminals seeking to exploit vulnerabilities in supply chains and critical infrastructure.
LockBit May Attacks
Part of the May 2024 offensive by LockBit 3.0, the ransomware assault on ACLA-WERKE GmbH followed the disruption of LockBit's infrastructure in February during "Operation Cronos." Despite law enforcement efforts, LockBit swiftly resumed its operations, targeting over 50 victims within hours of reactivating its platform. The group's recent onslaughts have spanned diverse industries globally, underscoring the imperative for enhanced international cooperation in combating cybercrime effectively.
Sources:
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.