LockBit 3.0 Ransomware Attack on Interfashion SPA

Incident Date:

May 9, 2024

World map

Overview

Title

LockBit 3.0 Ransomware Attack on Interfashion SPA

Victim

Interfashion SPA

Attacker

Lockbit3

Location

Rimini, Italy

, Italy

First Reported

May 9, 2024

Ransomware Attack on Interfashion SPA by LockBit 3.0

Company Profile

Interfashion SPA, founded in 1992 and acquired by STRAVA S.r.l. in March 2023, is a design, production, and distribution company based in Rimini, Italy. The company focuses on HIGH - Everyday Couture, managing the entire process from creativity to distribution worldwide. In 2022, the company reported a total revenue of 26 million euros and projected a single-digit sales increase for the current year, aiming to boost growth in the triennium 2024-2026. The company's new ownership, STRAVA S.r.l., includes notable investors such as Giuseppe Stefanel, Giulio Corno, and Alberto Vacch.

Company Vulnerabilities

The company's prominence in the fashion industry, coupled with its online retail presence, makes it an attractive target for threat actors. The company's global reach and revenue size could have made it a lucrative victim for cybercriminals seeking financial gain through ransomware attacks. Additionally, the company's involvement in design, production, and distribution processes may have exposed it to vulnerabilities in its supply chain, potentially facilitating an attack.

The cyberattack on Interfashion SPA, carried out by the LockBit 3.0 ransomware group, targeted the company's website. The attack involved the use of ransomware to encrypt the company's data and demand a ransom for its release.

LockBit 3.0 May Attacks

This is part of the May 2024 attacks by LockBit 3.0, a cybercriminal group that resurfaced following the disruption of its infrastructure in February during "Operation Cronos." Despite law enforcement efforts, LockBit swiftly returned, targeting over 50 victims within hours of reactivating its platform. The group's adaptability and global reach highlight the challenges faced by authorities in combating cybercrime effectively.

Sources:

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.