LockBit 3.0 Ransomware Attack on U.S. Linen & Uniform
Incident Date:
May 8, 2024
Overview
Title
LockBit 3.0 Ransomware Attack on U.S. Linen & Uniform
Victim
U.S. Linen & Uniform
Attacker
Lockbit3
Location
First Reported
May 8, 2024
Ransomware Attack on U.S. Linen & Uniform by LockBit 3.0
Attack Overview
U.S. Linen & Uniform, a company based in the USA, was targeted in a cyberattack by the LockBit 3.0 ransomware group. The attackers used ransomware to breach the company's systems and exfiltrated 73 GB of data, which included sensitive information like customer details and invoices. A sample of this stolen data was leaked, highlighting the extent of the breach and the potential risks to the company and its customers. The specific ransom demand made by the attackers was not disclosed, but the incident serves as a reminder of the growing threat of cybercrime to businesses worldwide.
Company Profile of U.S. Linen & Uniform
U.S. Linen & Uniform is a family-owned company that provides linen and uniform rental services for businesses in the United States. With 75 years of experience, they cater to industries such as automotive, hospitality, food manufacturing, service, and medical sectors. The company prides itself on values like honesty, integrity, and respect, offering a positive customer experience with clear-cut billing and a commitment to accountability and reliability.
Vulnerabilities
Being a company that handles a significant amount of customer information and invoices, U.S. Linen & Uniform is vulnerable to cyber threats like ransomware attacks. The nature of their business, involving data exchange and storage, makes them an attractive target for threat actors seeking to exploit sensitive information for financial gain.
LockBit 3.0 Ransomware Group
The ransomware group known as LockBit, is a Ransomware-as-a-Service group that has evolved from previous versions of LockBit. This ransomware group is known for its advanced capabilities, including file encryption, desktop modifications, and the ability to move laterally through networks. LockBit 3.0 operates under a RaaS model, allowing other cybercriminals to utilize their malware for attacks.
LockBit May Attacks
LockBit 3.0 resurfaced in May 2024 following the disruption of its infrastructure in February during "Operation Cronos." Despite law enforcement efforts, LockBit swiftly returned, targeting over 50 victims globally. The group's adaptability and global reach highlight the challenges in combating cybercrime effectively, emphasizing the need for enhanced international cooperation and proactive security measures.
Sources:
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.