lockbit2 attacks TCCM

Incident Date:

March 2, 2022

World map

Overview

Title

lockbit2 attacks TCCM

Victim

TCCM

Attacker

Lockbit2

Location

Jindrisska, Europe

Nove mesto, Europe

First Reported

March 2, 2022

TCCM, a Telecommunications Company in Central and Eastern Europe, Suffers a Ransomware Attack by Lockbit2

TCCM, a telecommunications company operating in Central and Eastern Europe, has been targeted by the ransomware group Lockbit2. The attack was announced on the group's dark web leak site. TCCM is a significant player in the telecommunications sector, with a presence in 20 countries and a potential customer base of 140 million people.

Company Overview

TCCM offers a comprehensive suite of services to drive connectivity and efficiency in Central and Eastern Europe. They have a strong regional understanding and work with over 200 partners from the telecommunications, retail, and e-commerce industries. The company is headquartered in Prague, with offices in the city center and a warehouse facility also located in Prague. They have strategically positioned hubs in several other countries to optimize their presence and service delivery across various regions.

Vulnerabilities and Targeting

Ransomware attacks typically exploit vulnerabilities in outdated software, unpatched systems, or weak passwords. In the case of TCCM, the attackers may have targeted vulnerabilities in their software or network infrastructure. The company's size and extensive partnerships make it an attractive target for cybercriminals seeking to disrupt operations and demand ransom payments.

Response and Mitigation

The specifics of TCCM's response to the attack are not publicly available. However, companies facing ransomware attacks should follow established best practices, such as isolating affected systems, restoring data from backups, and engaging with cybersecurity experts to understand the attack and prevent future incidents.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.