lockbit3 attacks Hering & Heinz GmbH & Co. KG

Incident Date:

September 19, 2022

World map

Overview

Title

lockbit3 attacks Hering & Heinz GmbH & Co. KG

Victim

Hering & Heinz GmbH & Co. KG

Attacker

Lockbit3

Location

Pottum, Germany

Pottum, Germany

First Reported

September 19, 2022

Hering & Heinz GmbH & Co. KG Targeted by Lockbit3 Ransomware Group

Company Overview

Hering & Heinz GmbH & Co. KG is a well-known company in the heating, sanitation, and bathroom design industry. They offer services for heating and sanitation installations in residential and commercial properties, including single-family homes, multi-family homes, and commercial buildings. Their expertise extends to consulting, planning, and installation of heating systems, sanitation systems, and bathroom designs. The company has a reputation for quality and affordability, making them a popular choice for customers in the region.

Vulnerabilities and Targeting

The Lockbit3 ransomware group has targeted Hering & Heinz GmbH & Co. KG, exploiting vulnerabilities in their systems. The exact nature of the vulnerabilities is not disclosed in the available information, but it is known that the attack occurred on a decommissioned marketing website hosted on an external platform. The company's internal systems are reportedly operating normally, and there is no evidence of a broader attack at this time.

Industry Trends and Mitigation

Ransomware attacks on companies in the Construction sector have been on the rise, with several large food manufacturers facing data theft incidents in 2023. The Lockbit3 group has been active since around 2018 and has targeted various sectors, including defense, critical infrastructure, technology, and food and agriculture. The group uses double-extortion tactics, encrypting victims' systems and threatening to leak stolen data if a ransom is not paid.

To mitigate the risks of ransomware attacks, companies should implement robust cybersecurity measures, such as regular software updates, strong passwords, and employee training on cybersecurity best practices. Additionally, companies should consider implementing a disaster recovery plan to minimize the impact of a successful attack.

Sources

  • Hering & Heinz GmbH & Co. KG - Heizung, Sanitär und Badgestaltung: Hering & Heinz aus Pottum
  • Kraft Heinz reviewing claims of cyberattack but internal systems ‘operating normally’ - SecurityWeek
  • Kraft Heinz investigating possible cyberattack - TechRadar
  • Kraft Heinz probes ransomware attack claim - Cybersecurity Dive

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.