lockbit2 attacks Saskarc

Incident Date:

May 11, 2022

World map



lockbit2 attacks Saskarc






Oxbow, Canada

Saskatchewan, Canada

First Reported

May 11, 2022

Saskarc Ransomware Attack

Company Overview

Saskarc, a leading structural steel fabrication company in the US, has been targeted by the ransomware group Lockbit2. The attack was announced on the group's dark web leak site, and the victim's website, Saskarc, was identified as the target. Saskarc operates in the construction sector and is known for its expertise in complex industrial steel fabrication, providing value for projects such as mining construction, oil and gas projects, solar construction projects, and warehouses.

Saskarc is a trusted partner that helps minimize risk by maximizing value in large-scale structural steel fabrication projects. The company has extensive experience in complex industrial steel fabrication and is uniquely positioned to engage in commercial structural steel projects, from mid-rise multi-story residential and commercial structures to arenas. Saskarc's two steel fabrication shops are centrally located in North America, with locations in Oxbow and Estevan in Saskatchewan, Canada, and offices in Edmonton, Alberta, and Shallowater, Texas to assist customers in the US and Canada.

Vulnerabilities and Targeting

The ransomware attack on Saskarc highlights the vulnerabilities of companies in the construction sector to cyber threats. While the specific details of the attack are not available, it is likely that the attackers exploited vulnerabilities in Saskarc's systems or networks to gain access and deploy the ransomware. The attack could have resulted in data breaches, loss of access to critical systems, and potential financial losses for the company and its clients.

Mitigation and Response

In response to the attack, Saskarc and other affected organizations should prioritize mitigation strategies to minimize the impact of the ransomware and prevent future attacks. This may include implementing robust cybersecurity measures, such as regular software updates, strong passwords, and employee training on cybersecurity best practices. Additionally, companies should consider working with cybersecurity experts to assess their vulnerabilities and develop a comprehensive incident response plan.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.