LockBit 3.0 Ransomware Attack on The Big Life Group
Incident Date:
May 7, 2024
Overview
Title
LockBit 3.0 Ransomware Attack on The Big Life Group
Victim
The Big Life Group
Attacker
Lockbit3
Location
First Reported
May 7, 2024
Ransomware Attack on The Big Life Group by LockBit 3.0
Victim Profile
The Big Life Group, based in Manchester, United Kingdom, is a civic and social organization with 501-1,000 employees. They focus on fighting inequality by working with people and places to create opportunities and inspire change. The organization provides tailored support services to individuals and communities, addressing various challenges and evolving their services over time.The company stands out in the civic and social organizations industry for their unique approach of empowering individuals through their strengths and life experiences.
Vulnerabilities
The Big Life Group's commitment to helping individuals and communities may have made them a target for threat actors like LockBit 3.0. Their involvement in campaigns and provision of support services could have exposed them to cyber threats, leading to the unauthorized access to their IT systems in June 2023.
LockBit 3.0 Distinction
LockBit 3.0, also known as LockBit Black, is a Ransomware-as-a-Service (RaaS) group that has evolved from the legacy of LockBit and LockBit 2.0. This ransomware group distinguishes itself by adopting an affiliate-based ransomware approach, recruiting affiliates to target businesses and critical infrastructure organizations globally. LockBit 3.0 is considered one of the most dangerous and disruptive ransomware threats due to its advanced features and capabilities.
LockBit 3.0 May Attacks
This is part of the May 2024 attacks by LockBit 3.0, a cybercriminal group that resurfaced following the disruption of its infrastructure in February during "Operation Cronos." Despite law enforcement efforts, LockBit swiftly returned, targeting over 50 victims within hours of reactivating its platform. These attacks spanned various sectors and countries, showcasing LockBit's global reach and adaptability.
Sources:
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.