lockbit2 attacks bafokengholding...

Incident Date:

March 31, 2022

World map



lockbit2 attacks bafokengholding...






Birnam, South Africa

Johannesburg, South Africa

First Reported

March 31, 2022

Bafokeng Holdings Ransomware Attack

Bafokeng Holdings, an African community-owned investment company, has been targeted by the ransomware group Lockbit2. The attack was announced on the group's dark web leak site, and the victim's website is www.bafokengholdings.com. The company operates in the Holding Companies & Conglomerates sector and has a net asset value (NAV) of R46 billion (as at December 2022).

Bafokeng Holdings is known for its commitment to ethical business conduct and managing a portfolio with a significant financial value. The company's website states, "We are an African community-owned investment company" and "We manage a portfolio with a net asset value (NAV) of R46 billion (as at December 2022)".

The company's size and industry position make it a potential target for threat actors seeking to exploit vulnerabilities in its systems. The ransomware attack on Bafokeng Holdings highlights the need for robust cybersecurity measures to protect against such threats.

Vulnerabilities and Mitigation

The specific vulnerabilities that led to the ransomware attack on Bafokeng Holdings are not publicly disclosed. However, the company and other organizations can take several steps to mitigate the risk of ransomware attacks:

  • Regular vulnerability scanning: Conduct regular vulnerability scanning to identify and address vulnerabilities, especially those on internet-facing devices, to limit the attack surface.
  • Backup and recovery: Maintain offline, encrypted backups of data and regularly test backups to ensure they can be used to restore data in case of an attack.
  • Software patching: Regularly patch and update software and operating systems to address known vulnerabilities.
  • Reporting and response: Report ransomware attacks to federal law enforcement and request technical assistance or provide information to help others.

The ransomware attack on Bafokeng Holdings serves as a reminder of the ongoing threat of cyber attacks in the business world. By implementing robust cybersecurity measures and staying informed about the latest threats, organizations can better protect themselves and their assets.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.