lockbit3 attacks Kortrijkse RIJSCHOOL

Incident Date:

September 9, 2022

World map

Overview

Title

lockbit3 attacks Kortrijkse RIJSCHOOL

Victim

Kortrijkse RIJSCHOOL

Attacker

Lockbit3

Location

Leopold I-straat, Belgium

Kortrijk, Belgium

First Reported

September 9, 2022

Kortrijkse Rijschool Targeted by Lockbit3 Ransomware Group

The Kortrijkse Rijschool, a driving school based in Belgium, has been targeted by the ransomware group Lockbit3. The attack was announced on the group's dark web leak site. The Kortrijkse Rijschool operates in the Education sector, offering driving lessons for various types of vehicles, including motorcycles and heavy trucks.

The Kortrijkse Rijschool is a small organization, and it is not clear from the available information how many employees it has or its exact size. However, it is part of the education sector, which has been a frequent target for ransomware attacks in recent years. The sector's vulnerabilities include outdated software, lack of cybersecurity training, and insufficient budgets for cybersecurity measures.

Lockbit3's Modus Operandi

The Lockbit3 ransomware group has been active in targeting various organizations, including schools, in recent months. The group's modus operandi involves encrypting the victim's data and demanding a ransom in exchange for a decryption key. In the case of the Kortrijkse Rijschool, the group has apologized for the attack and promised to delete the stolen data, indicating that the attack may have breached the group's code of conduct.

The incident serves as a reminder of the importance of cybersecurity measures for organizations of all sizes, particularly those in sectors that are frequently targeted by threat actors. It is crucial for organizations to maintain up-to-date software, invest in cybersecurity training, and allocate sufficient budgets for cybersecurity measures to minimize the risk of ransomware attacks.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.