lockbit2 attacks TCCM
Incident Date:
March 2, 2022
Overview
Title
lockbit2 attacks TCCM
Victim
TCCM
Attacker
Lockbit2
Location
First Reported
March 2, 2022
TCCM, a Telecommunications Company in Central and Eastern Europe, Suffers a Ransomware Attack by Lockbit2
TCCM, a telecommunications company operating in Central and Eastern Europe, has been targeted by the ransomware group Lockbit2. The attack was announced on the group's dark web leak site. TCCM is a significant player in the telecommunications sector, with a presence in 20 countries and a potential customer base of 140 million people.
Company Overview
TCCM offers a comprehensive suite of services to drive connectivity and efficiency in Central and Eastern Europe. They have a strong regional understanding and work with over 200 partners from the telecommunications, retail, and e-commerce industries. The company is headquartered in Prague, with offices in the city center and a warehouse facility also located in Prague. They have strategically positioned hubs in several other countries to optimize their presence and service delivery across various regions.
Vulnerabilities and Targeting
Ransomware attacks typically exploit vulnerabilities in outdated software, unpatched systems, or weak passwords. In the case of TCCM, the attackers may have targeted vulnerabilities in their software or network infrastructure. The company's size and extensive partnerships make it an attractive target for cybercriminals seeking to disrupt operations and demand ransom payments.
Response and Mitigation
The specifics of TCCM's response to the attack are not publicly available. However, companies facing ransomware attacks should follow established best practices, such as isolating affected systems, restoring data from backups, and engaging with cybersecurity experts to understand the attack and prevent future incidents.
Sources
- TCCM: The One Solution for CEE. Retrieved April 10, 2024, from https://www.tccm.com
- Ransomware Posts - GitHub Pages. Retrieved April 10, 2024, from https://privtools.github.io/ransomposts/
- Ransomware Attacks: Prevention and Response. Retrieved April 10, 2024, from https://www.cisa.gov/uscert/ncas/alerts/aa22-203a
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.