lockbit2 attacks CODISEL

Incident Date:

February 15, 2022

World map



lockbit2 attacks CODISEL






lazaro, Mexico

Chetumel, Mexico

First Reported

February 15, 2022

CODISEL Suffers Ransomware Attack by Lockbit2

CODISEL, a Mexican company specializing in the provision of food services for public and private institutions, has been targeted by the ransomware group Lockbit2. The attack was announced on the group's dark web leak site, and the victim's website is currently experiencing issues, likely as a direct result of this cyber assault. CODISEL operates within the Law Firms & Legal Services sector and has established itself over the past 15 years as a provider of comprehensive solutions in food services, including abasto integral de víveres, comedores industriales, cafeterías industriales, and soluciones en alimentos.

The company prides itself on its commitment to quality, punctuality, and coverage across the central and southeastern regions of Mexico. They emphasize the importance of hygiene, confidence, and security in the handling of food, boasting certifications such as the Distintivo H, REPSE, and Certificado de Conformidad en Igualdad Laboral y No Discriminación.

The specific vulnerabilities that led to this attack have not been disclosed. However, it is widely recognized that ransomware groups like Lockbit2 exploit weaknesses in software, outdated systems, or unpatched vulnerabilities to infiltrate networks. Lockbit2, in particular, is notorious for its ability to bypass security measures and access sensitive data, often utilizing phishing emails or exploiting unpatched vulnerabilities as their entry points.

Following the attack, CODISEL's website is down, displaying an error message indicating a connection refusal. This disruption is characteristic of ransomware attacks, which typically involve encrypting data and demanding a ransom for its release. In light of this event, it is imperative for CODISEL to undertake immediate actions to mitigate the damage and prevent further data loss. Such measures may include isolating affected systems, restoring data from backups, and enhancing security protocols to thwart future attacks.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.