LockBit 3.0 Ransomware Attack on Rolling Fields Eldercare Community

Incident Date:

May 8, 2024

World map

Overview

Title

LockBit 3.0 Ransomware Attack on Rolling Fields Eldercare Community

Victim

Rolling Fields Eldercare Company

Attacker

Lockbit3

Location

Conneautville, USA

Pennsylvania, USA

First Reported

May 8, 2024

Ransomware Attack on Rolling Fields Eldercare Community

Victim Profile

Rolling Fields Eldercare Community, a senior living community based in the USA, offers a range of care options including independent living, respite care, memory care, and rehabilitative care. The company emphasizes a philosophy of care that prioritizes the needs and wants of its residents, creating a home where everyone can thrive.

Company Size and Standout Features

The company has 200 employees and an annual revenue of $9.0M, positioning it as a small healthcare company. The standout feature of the company is its commitment to providing a meaningful lifestyle for residents, fostering genuine relationships, and offering opportunities for growth.

Vulnerabilities and Attack Details

The company's website was targeted by the LockBit 3.0 ransomware group. The attack involved exfiltrating 186 GB of data, including SQL databases, users' data, and personally identifiable information (PII) documents. The attacker leaked a sample of the exfiltrated data, compromising the company's sensitive information.

LockBit May Attacks

LockBit 3.0, a cybercriminal group, resurfaced in May 2024 following the disruption of its infrastructure in February during "Operation Cronos." Despite law enforcement efforts, LockBit swiftly returned, targeting over 50 victims within hours of reactivating its platform. The group's adaptability and global reach were evident in the diverse sectors and countries affected by its ransomware attacks. LockBit's resurgence highlights the need for enhanced international cooperation and proactive cybersecurity measures to combat such persistent threats effectively.

Sources:

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.