lockbit3 attacks Aids Alabama

Incident Date:

September 30, 2022

World map



lockbit3 attacks Aids Alabama


Aids Alabama




Birmingham, USA

Alabama, USA

First Reported

September 30, 2022

AIDS Alabama Suffers Ransomware Attack by Lockbit3

AIDS Alabama, a non-profit organization located in Birmingham, Alabama, recently fell victim to a ransomware attack orchestrated by the Lockbit3 group. This incident was disclosed on the group's dark web leak site, pinpointing aidsalabama.org as the compromised entity. Specializing in Healthcare Services, AIDS Alabama provides a comprehensive suite of services, including rapid HIV and Hepatitis C testing that is free, confidential, and anonymous, alongside housing support, policy advocacy, and bilingual mental health services.

With a significant footprint, AIDS Alabama supports over 8,000 residents across the state, offering emotional and medical support, housing, and food assistance. The organization is also deeply involved in advocacy efforts for Black Lives Matter, substance abuse support, and preventative education. However, despite its commendable community support efforts, AIDS Alabama has not been immune to cyber threats. In 2023, the organization disclosed a data breach that led to the unauthorized access of patient information.

The Lockbit3 ransomware group, notorious for its attacks across various sectors including healthcare, industrial companies, and transportation, has been actively engaging in ransomware attacks. These attacks often involve demanding ransoms in exchange for decryption keys or the return of stolen data. The trend of increasing ransom demands, especially from insured entities, appears to be incentivizing such cybercriminal activities further.

This recent ransomware attack on AIDS Alabama underscores the persistent cyber threats facing organizations across different sectors. Despite strides towards bolstering cybersecurity, exemplified by the inauguration of Alabama's first cybersecurity operations center in 2018, challenges such as DDoS and ransomware attacks continue to present significant risks to state governments and organizations alike.


  • 'Denial of Service' attack hits Alabama State Government Offices. Available at: [URL]
  • Alabama state and city governments grapple with pair of cyber incidents. Available at: [URL]
  • Alabama-based DCH Health System pays hackers responsible for ransomware attack. Available at: [URL]
  • Alabama websites recovering from DDoS cyberattack. Available at: [URL]
  • AIDS Alabama Breach: Patient Data Accessed in Cyberattack. Available at: [URL]

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.