LockBit 3.0 Ransomware Attack on Groupe Gorrias – Mercedes-Benz
Incident Date:
May 8, 2024
Overview
Title
LockBit 3.0 Ransomware Attack on Groupe Gorrias – Mercedes-Benz
Victim
Groupe Gorrias – Mercedes-Benz
Attacker
Lockbit3
Location
First Reported
May 8, 2024
Ransomware Attack on Groupe Gorrias – Mercedes-Benz
Victim Profile
A company operating in the transportation sector in France, Groupe Gorrias, was targeted by the LockBit 3.0 ransomware group. The company operates Mercedes-Benz dealerships and has a company size of 51-200 employees.
Company Overview
Groupe Gorrias – Mercedes-Benz is a distributor of trucks, industrial vehicles, and utility vehicles. They offer brands such as Mercedes-Benz, Fuso, Setra, Evobus, and OmniPlus. The company sells new and used vehicles to individuals and professionals, providing maintenance, rental, and purchase services for trucks and utility vehicles.
The company is known for its Mercedes-Benz dealerships, offering a wide range of services and vehicles to its customers. The company focuses on supporting its employees' growth and development, emphasizing training and skill transmission.
Attack and Vulnerabilities
Being targeted by threat actors like the LockBit 3.0 ransomware group exposes Groupe Gorrias – Mercedes-Benz to data exfiltration and potential data compromise. The attack resulted in the leakage of 187 GB of sensitive data, including contracts, user information, and customer data, causing significant disruption to the company's operations.
Ransomware Group Details
The LockBit 3.0 ransomware group, also known as LockBit Black, is a Ransomware-as-a-Service (RaaS) group that has been actively recruiting affiliates and targeting various businesses and critical infrastructure organizations. LockBit 3.0 is considered one of the most dangerous and disruptive ransomware threats, with advanced encryption capabilities and obfuscation techniques that make it challenging for security researchers to analyze.
LockBit May Attacks
This ransomware attack on Groupe Gorrias – Mercedes-Benz is part of the May 2024 attacks by LockBit 3.0. Following the disruption of its infrastructure in February during "Operation Cronos," LockBit swiftly returned, targeting numerous victims across different sectors and countries. The group's resurgence highlights the need for improved international cooperation and proactive measures to combat cybercrime effectively.
Sources:
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.