LockBit 3.0 Ransomware Attack on Pi Kappa Phi - Auburn University

Incident Date:

May 9, 2024

World map

Overview

Title

LockBit 3.0 Ransomware Attack on Pi Kappa Phi - Auburn University

Victim

Pi Kappa Phi - Auburn University

Attacker

Lockbit3

Location

Auburn, USA

Alabama, USA

First Reported

May 9, 2024

Ransomware Attack on Pi Kappa Phi - Auburn University

Victim Profile

Pi Kappa Phi at Auburn University is a fraternity that upholds the standards and challenges set by the Pi Kappa Phi fraternity to foster exceptional development among its members. The fraternity, known as Alpha Iota, was chartered in 1926 and has been active in Auburn, Alabama since 2009. They are involved in various campus organizations, such as the Auburn Bass Fishing Team and the Auburn University Lacrosse Team.

Company Size and Industry Standing

The fraternity operates in the Education sector and stands out for its commitment to developing its members through various activities, events, and community involvement. They provide information about their chapters, philanthropy, and leadership on their website, fostering a strong sense of brotherhood among members.

Attack Details

The ransomware attack on Pi Kappa Phi's website, auburnpikapp.org, involved the exfiltration of 12 GB of sensitive data, including accounting, financial, and banking information. The attacker, LockBit 3.0, subsequently leaked this data, highlighting the severity of the breach and the potential impact on the fraternity.

Ransomware Group Overview

The LockBit 3.0 ransomware group is an evolution of the LockBit group, known for its advanced capabilities and evasive techniques. Operating under a Ransomware-as-a-Service model, LockBit 3.0 has been actively recruiting affiliates and targeting a wide range of businesses and critical infrastructure organizations globally.

LockBit May Attacks

This ransomware attack on Pi Kappa Phi at Auburn University is part of the May 2024 attacks by LockBit 3.0. Following the disruption of its infrastructure during "Operation Cronos," LockBit resurfaced with vigor, targeting over 50 victims within hours of reactivating its platform. The group's ability to regroup and strike back efficiently raises concerns about current strategies' adequacy in combating cybercrime. Cybersecurity experts stress proactive measures and collaborative intelligence sharing to counter LockBit's resurgence and address underlying vulnerabilities in digital ecosystems.

Sources:

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.