lockbit2 attacks produitsneptune...

Incident Date:

April 22, 2022

World map



lockbit2 attacks produitsneptune...






Saint-Hyacinthe, Canada

Quebec, Canada

First Reported

April 22, 2022

Produits Neptune: A Manufacturing Company Targeted by Lockbit2 Ransomware

Produits Neptune, a company operating in the Manufacturing sector, has been targeted by the Lockbit2 ransomware group. The attack was announced on the group's dark web leak site, and the victim's website is currently under scrutiny. The company's headquarters are located at 6835, Picard Street, Saint-Hyacinthe, Quebec, Canada, J2S 1H3.

As a mid-sized entity with a focus on manufacturing, Produits Neptune represents a typical target for ransomware attacks, which have increasingly plagued the manufacturing sector. The Lockbit2 ransomware group, notorious for its sophisticated attack vectors, often infiltrates systems via phishing emails or compromised websites. This group has been attributed with 16% of the ransomware attacks in the U.S. during 2022, targeting not only manufacturing but also critical infrastructure sectors such as healthcare and logistics.

The modus operandi of the Lockbit2 group involves demanding ransom in exchange for decryption keys, frequently employing double-extortion tactics by exfiltrating data prior to encryption. High-profile organizations, including JBS—the world's largest meat processor, which succumbed to an $11 million ransom in 2021—have been victims of this group.

As of now, Produits Neptune has not issued a public response to the attack. The status of the ransom—whether it has been paid or if the company has managed to recover from the attack independently—remains uncertain. Despite the attack, the company's website continues to function, leaving the impact on its operations or data security unclear.

The incident with Produits Neptune serves as a stark reminder of the persistent ransomware threat facing mid-sized manufacturing companies. It emphasizes the critical importance of adopting comprehensive cybersecurity measures and preparing an effective response and recovery strategy for ransomware incidents.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.