LockBit 3.0 Ransomware Attack on Consulting Radiologists, Ltd.

Incident Date:

May 8, 2024

World map

Overview

Title

LockBit 3.0 Ransomware Attack on Consulting Radiologists, Ltd.

Victim

Consulting Radiologists, Ltd.

Attacker

Lockbit3

Location

Edina, USA

Minnesota, USA

First Reported

May 8, 2024

Ransomware Attack on Consulting Radiologists, Ltd.

Victim Overview

A physician-owned radiology practice based in Minnesota, Consulting Radiologists, has fallen victim to a ransomware attack by the cybercrime group LockBit 3.0. The attack targeted their website, potentially compromising their operations and data.

Company Profile

Consulting Radiologists, Ltd. is a radiology consulting firm founded in 1929. They provide a comprehensive range of radiology services to over 100 healthcare facilities, including breast imaging, radiology services, and mobile nuclear imaging. The company has 116 employees and is located at 7505 Metro Blvd. Suite 400, Edina, Minnesota 55439, US. The standout feature of Consulting Radiologists, Ltd. is their dedicated breast imaging department that offers a range of services focused on breast health.

Vulnerabilities

Consulting Radiologists, Ltd. may have been targeted by threat actors due to the sensitive nature of the healthcare data they handle. The ransomware attack could have exploited vulnerabilities in their systems, potentially through phishing emails, unpatched software, or weak network security.

Ransomware Group Details

LockBit 3.0, also known as LockBit Black, is a Ransomware-as-a-Service (RaaS) group that has been actively recruiting affiliates and targeting a wide range of businesses and critical infrastructure organizations. The group is known for its advanced encryption capabilities, obfuscation techniques, and lateral movement within networks.

LockBit May Attacks

LockBit 3.0 resurfaced in May 2024 following the disruption of its infrastructure in February during "Operation Cronos." Despite law enforcement efforts, LockBit swiftly returned, targeting over 50 victims within hours. The group's adaptability and global reach highlight the need for enhanced international cooperation to combat cybercrime effectively. Cybersecurity experts emphasize proactive measures and intelligence sharing to counter LockBit's resurgence and address underlying vulnerabilities in digital ecosystems.

Sources:

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.