lockbit2 attacks Group Cabal

Incident Date:

May 16, 2022

World map



lockbit2 attacks Group Cabal


Group Cabal




Colina, Spain

Metropolitana, Spain

First Reported

May 16, 2022

Grupo Cabal Suffers Ransomware Attack by Lockbit2

Company Overview

Grupo Cabal, a prominent Chilean conglomerate, operates extensively within the combustible and transport sector. The company boasts a significant presence across Chile, managing a network of service stations stretching from the V to the X region. Known for its dedication to customer service and social responsibility, Grupo Cabal's portfolio spans energy, infrastructural projects, and retail services, as detailed on its official website.

Vulnerabilities and Impact

The ransomware attack on Grupo Cabal underscores the escalating threat landscape businesses face, especially those in the energy and utilities sector. Such cyber incidents can lead to substantial repercussions, including data breaches, operational downtime, and considerable financial losses. For Grupo Cabal, this attack poses a risk to its continuous operations and service delivery, potentially impacting its clientele and broader stakeholder base.

Mitigation Strategies

In response to the growing menace of ransomware, it is imperative for organizations to fortify their cybersecurity posture. This can be achieved through the adoption of comprehensive security measures such as frequent software updates, in-depth employee cybersecurity training, and the establishment of resilient backup solutions. Furthermore, the development and implementation of a ransomware incident response plan is crucial, ensuring preparedness and a structured response in the wake of an attack.


  • Chuks Ekwueme: The Shoprite-Ransomware Cyberattack Saga: What African Organizations Can Learn
  • Hackers Hold Entire School District to Ransom - Sophos News
  • Opinion | The Worm That Nearly Ate the Internet - The New York Times
  • Ransomware Hackers Employ Unsettling Tactics - Sec Snitching

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.