lockbit3 attacks Lenax Construction Services, Inc.

Incident Date:

August 26, 2022

World map

Overview

Title

lockbit3 attacks Lenax Construction Services, Inc.

Victim

Lenax Construction Services, Inc.

Attacker

Lockbit3

Location

Los Angeles, USA

California, USA

First Reported

August 26, 2022

Lenax Construction Services, Inc. Suffers Ransomware Attack

Company Overview

Lenax Construction Services, a Los Angeles-based construction consulting firm, offers a variety of services such as project controls, construction cost estimating, change order administration, scheduling, and document control. Despite the lack of detailed information about the company's size or specific projects on its website, it highlights a team of experienced professionals and a dedication to quality.

Vulnerabilities and Impact

Ransomware attacks often leverage unpatched vulnerabilities or weak passwords to infiltrate systems. In this instance, Lenax Construction Services fell victim to an attack that encrypted data and demanded a ransom for its release. Although the specifics of the company's response to the attack are not fully disclosed, it is noted that they had backups that were not connected to the main network and were, therefore, unaffected by the attack.

Industry Context

The construction industry has increasingly become a target for ransomware groups such as LockBit and Conti. This trend is attributed to the industry's expanded digital footprint, driven by the adoption of new technologies. It underscores the critical need for companies within the sector to enhance their cybersecurity measures to safeguard against such threats.

Lenax Construction Services, Inc. has encountered a significant cybersecurity challenge with the ransomware group Lockbit3 announcing the attack on their dark web leak site. The incident led to network disruptions and data encryption, potentially compromising the personal information of employees, former employees, and their families. The full impact of the attack and the company's subsequent actions remain underreported.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.