Ransomware Attack on Interfashion SPA by LockBit 3.0

Company Profile

Interfashion SPA, founded in 1992 and acquired by STRAVA S.r.l. in March 2023, is a design, production, and distribution company based in Rimini, Italy. The company focuses on HIGH - Everyday Couture, managing the entire process from creativity to distribution worldwide. In 2022, the company reported a total revenue of 26 million euros and projected a single-digit sales increase for the current year, aiming to boost growth in the triennium 2024-2026. The company's new ownership, STRAVA S.r.l., includes notable investors such as Giuseppe Stefanel, Giulio Corno, and Alberto Vacch.

Company Vulnerabilities

The company's prominence in the fashion industry, coupled with its online retail presence, makes it an attractive target for threat actors. The company's global reach and revenue size could have made it a lucrative victim for cybercriminals seeking financial gain through ransomware attacks. Additionally, the company's involvement in design, production, and distribution processes may have exposed it to vulnerabilities in its supply chain, potentially facilitating an attack.

The cyberattack on Interfashion SPA, carried out by the LockBit 3.0 ransomware group, targeted the company's website. The attack involved the use of ransomware to encrypt the company's data and demand a ransom for its release.

LockBit 3.0 May Attacks

This is part of the May 2024 attacks by LockBit 3.0, a cybercriminal group that resurfaced following the disruption of its infrastructure in February during "Operation Cronos." Despite law enforcement efforts, LockBit swiftly returned, targeting over 50 victims within hours of reactivating its platform. The group's adaptability and global reach highlight the challenges faced by authorities in combating cybercrime effectively.

Sources:

• Interfashion SPA Website
• Gros Rimini - Interfashion SPA
• Fashion Magazine - Interfashion SPA
• VMware - LockBit 3.0
• SentinelOne - LockBit 3.0
• Trend Micro - LockBit Ransomware Group