lockbit3 attacks columbiagrain

Incident Date:

July 19, 2022

World map



lockbit3 attacks columbiagrain






Lake City, USA

Florida, USA

First Reported

July 19, 2022

Ransomware Attack on Columbia Grain International

Company Overview

Columbia Grain International (CGI), a vertically-integrated company operating in the agriculture sector, has been targeted by the ransomware group Lockbit3. The attack was announced on the group's dark web leak site. CGI is dedicated to cultivating the growth of the food supply chain in the northwestern region of the United States, ensuring the world receives high-quality grains, pulses, oilseeds, and organics. The company operates assets such as grain elevators, processing plants, and agronomy centers across the northern tier of the United States. CGI has developed partnerships with over 8,000 farmers to fulfill crop demands from customers worldwide.


The specific vulnerabilities that led to the ransomware attack on CGI are not detailed in available information. However, it is known that the company has experienced data breaches in the past. In March 2022, Columbia Grain International, LLC reported a data breach. Additionally, in November 2022, it was found that Blackbaud software, which had been a victim of a ransomware attack in May 2021, was also affected by the breach.


The ransomware attack on CGI is significant because it affects a company that plays a crucial role in the food supply chain. The company's mission is to safely cultivate high-quality ingredients from local farmers that nourish the world. The attack could potentially disrupt the supply chain, affecting the availability and quality of food products.

The ransomware attack on Columbia Grain International underscores the importance for companies, especially those in the agriculture sector, to prioritize cybersecurity measures to protect their operations and the food supply chain. The specific vulnerabilities that led to the attack are not mentioned, but the company's history of data breaches is a clear indicator of the need for enhanced security protocols.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.