LockBit 3.0 Ransomware Attack on Dopravní Podnik Karlovy
Incident Date:
May 9, 2024
Overview
Title
LockBit 3.0 Ransomware Attack on Dopravní Podnik Karlovy
Victim
Dopravní podnik Karlovy Vary, a. s.
Attacker
Lockbit3
Location
First Reported
May 9, 2024
Ransomware Attack on Dopravní Podnik Karlovy by LockBit 3.0
Victim Profile
Dopravní Podnik Karlovy (DP Karlovy) is a Czech transportation company based in Karlovy Vary, Czech Republic. The company operates in the Information Technology and Services industry. DP Karlovy specializes in the production of plastic packaging materials, offering a wide range of products such as plastic bottles, jars, caps, and closures for industries like food and beverage, pharmaceuticals, cosmetics, and household products. They also provide custom packaging solutions and design services, along with printing and labeling services to create unique packaging for their clients.
The company stands out in the industry for its diverse range of plastic packaging products and customized solutions for various sectors. Their printing and labeling services help brands create eye-catching packaging, setting them apart from competitors.
Vulnerabilities and Attack Details
DP Karlovy was targeted by the LockBit 3.0 ransomware group in a cyberattack where 27 GB of data, including invoices and financial information, was exfiltrated from their systems. The leaked data sample indicates further risks to the company's sensitive information.
LockBit May Attacks
This ransomware attack on DP Karlovy is part of the May 2024 attacks by LockBit 3.0. The cybercriminal group resurfaced with vigor following the disruption of its infrastructure in February during "Operation Cronos," a collaborative effort by international law enforcement agencies. Despite arrests and the dismantling of its data leak site, LockBit swiftly returned, targeting over 50 victims within hours of reactivating its platform.
Sources:
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.