lockbit2 attacks Sigma

Incident Date:

June 21, 2022

World map



lockbit2 attacks Sigma






Alcobendas, Spain

Madrid, Spain

First Reported

June 21, 2022

Sigma Alimentos Hit by LockBit2 Ransomware

Overview of the Attack

Sigma Alimentos, a leading global food company with a presence in 18 countries, has fallen victim to the ransomware group LockBit2. The attackers have publicly announced on a dark web leak site their claim of exfiltrating more than 1 terabyte of data from Sigma Alimentos, threatening to release it within a week.

As a prominent entity in the food sector, Sigma Alimentos boasts a diverse product portfolio, consumer-centric innovation, and an extensive supply chain and distribution network. The company operates 66 manufacturing facilities globally and employs over 45,000 individuals from 60 different nationalities. Despite its substantial global presence and operational capabilities, Sigma Alimentos has not been impervious to cyber threats, as demonstrated by this recent LockBit2 ransomware attack.

The Significance of the LockBit2 Group

LockBit2, active since October 2017, is notorious for its bold strategies, frequently targeting large organizations and demanding substantial ransoms. This group has been responsible for several notable attacks, including a significant breach involving NCR, a major player in the payments industry.

Implications for the Food Industry

The incident with Sigma Alimentos underscores the critical need for enhanced cybersecurity defenses within the food industry. The potential disruption of operations due to such attacks can lead to severe consequences, not just for the targeted company but also for the supply chain and consumers reliant on its products. This situation serves as a stark reminder of the importance of adopting cybersecurity best practices, including regular software updates, comprehensive employee training, and the enforcement of robust password policies.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.