Sunshine Coast Regional District Suffers Ransomware Attack by Lockbit3

About the Victim

The Sunshine Coast Regional District (SCRD), a Canadian regional government, has been targeted by the ransomware group Lockbit3, as reported on their dark web leak site. The SCRD is headquartered in the town of Sechelt and spans approximately 3,700 square kilometers. It serves a population of about 32,000, which includes the town of Gibson, the Sechelt Indian Government District, and several Indigenous reserves. The district is typically accessed via ferry, boat, or plane, as no roads connect it with the rest of the province.

Vulnerabilities and Impact

The attack on SCRD resulted in disrupted IT systems, including an email outage and the website being offline for a period. The SCRD has contracted an external cybersecurity firm to assist with the investigation and has also reported the incident to the British Columbia Office of the Information and Privacy Commissioner (OIPC).

Previous Attack and Response

The SCRD was previously targeted by ransomware in September 2022, but no ransom was paid following the attack. The district follows best practices in relation to data storage and protection.

Sources

• Sunshine Coast Regional District: Home
• Duncan Walls on LinkedIn: Sunshine Coast Regional District
• Coast Reporter: SCRD targeted by ransomware attack
• Coast Reporter: No further action needed after ransomware attack on SCRD
• IT World Canada: B.C. regional government acknowledges cyber attack
• Data Breaches Digest: Sunshine Coast Regional District