lockbit2 attacks Intertabak AG

Incident Date:

May 30, 2022

World map



lockbit2 attacks Intertabak AG


Intertabak AG




Salinenstrasse, Switzerland

Pratteln, Switzerland

First Reported

May 30, 2022

Intertabak AG Suffers Ransomware Attack by Lockbit2

Intertabak AG, the official and exclusive direct importer of Habanos Zigarren and Mini Cubanos (Zigarillos) for Switzerland and Liechtenstein, has fallen victim to the ransomware group Lockbit2. The attack was disclosed on the group's dark web leak site, signaling a significant breach in the company's cybersecurity defenses.

Since its establishment in 1995, Intertabak AG has played a pivotal role in the retail sector, focusing on the import and distribution of premium cigars. The company's online presence, aimed at Swiss consumers, provides extensive information on Habanos products and related events, making it a critical asset for the company's operations.

The susceptibility of Intertabak AG to ransomware attacks underscores a broader trend within the retail industry, which has increasingly become a target for cybercriminals. While the specifics of the website's compromise were not detailed, the ransomware group's announcement implies significant repercussions for the company's digital infrastructure.

Lockbit2, the ransomware group behind this attack, is notorious for its bold strategies, frequently targeting large entities and demanding substantial ransoms. Active since at least 2022, Lockbit2 has been implicated in numerous high-profile cyber incidents, affecting organizations such as Inforlandia, Robinson Pharma, and Fantasy Springs Resort Casino.

This incident with Intertabak AG serves as a stark reminder of the persistent threat ransomware groups pose, highlighting the critical importance of advanced cybersecurity measures to safeguard digital assets against such invasive attacks.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.