lockbit2 attacks Bernheim Arboretum & Research Forest

Incident Date:

January 10, 2022

World map



lockbit2 attacks Bernheim Arboretum & Research Forest


Bernheim Arboretum & Research Forest




Clermont, USA

Kentucky, USA

First Reported

January 10, 2022

Ransomware Attack on Bernheim Arboretum & Research Forest

Bernheim Arboretum & Research Forest, a 16,000-acre forest dedicated to conservation and education in the eastern United States, has been targeted by the ransomware group Lockbit2. The organization, which operates in the Consumer Services sector, is known for its commitment to connecting people with nature and has a tradition of research dating back to its origin.

The attack on Bernheim Arboretum & Research Forest was announced on the dark web leak site of the ransomware group, with the victim's website listed as http://bernheim.org/. The forest, which is the largest privately held contiguous forest block in the eastern United States dedicated to conservation and education, has been a significant contributor to the region's ecological and educational landscape.

The ransomware attack on Bernheim Arboretum & Research Forest highlights the vulnerabilities of organizations in the Consumer Services sector, which often have a large digital footprint and rely on technology for operations and communication. The attackers exploited these vulnerabilities to gain access to the organization's systems and encrypt their data, demanding a ransom for its release.

Despite the attack, Bernheim Arboretum & Research Forest remains committed to its mission of connecting people with nature and continues to offer a variety of outdoor experiences and educational opportunities. The organization's resilience in the face of this attack underscores the importance of robust cybersecurity measures and the need for ongoing vigilance in the digital landscape.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.