lockbit2 attacks Sherpa

Incident Date:

May 16, 2022

World map



lockbit2 attacks Sherpa






Bedford, United Kingdom

Milton Keynes, United Kingdom

First Reported

May 16, 2022

Ransomware Attack on Sherpa: A Business Services Company

Company Overview

Sherpa, a specialist partnership agency trusted by global technology brands, has been targeted by the ransomware group Lockbit2. The attack was announced on the group's dark web leak site. Sherpa operates in the Business Services sector, providing planning and activation services for partnership ecosystems.

Sherpa is known for its expertise in partnership ecosystems, driving key partnerships forward to accelerate growth, identify opportunities, and provide visibility of investment. The company is the first and only true activation agency for the world's leading technology companies, focusing on strategic, global, and 100% partnerships-focused services.

Company Size and Industry Standout

Sherpa's website does not provide specific information about the size of the company. However, the company's reputation and clientele suggest that it is a significant player in the business services sector. Sherpa's unique selling proposition is its focus on partnership ecosystems, which sets it apart from other business services companies that may offer a broader range of services.

Vulnerabilities and Targeting

The ransomware attack on Sherpa highlights the vulnerabilities of companies in the business services sector. Cybercriminals often target companies with valuable data or those that can be used as a stepping stone to access other networks. In this case, Sherpa's partnership ecosystem expertise and clientele make it an attractive target for cybercriminals.

To mitigate the risks of ransomware attacks, companies should focus on implementing robust cybersecurity measures, such as regular software updates, employee training, and data backups. Additionally, companies should be vigilant about phishing attacks and other social engineering tactics that can be used to gain access to sensitive information.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.