lockbit3 attacks Yehu Microfinance ltd

Incident Date:

September 26, 2022

World map



lockbit3 attacks Yehu Microfinance ltd


Yehu Microfinance ltd




Buxton, Kenya

Mombasa, Kenya

First Reported

September 26, 2022

Lockbit3 Ransomware Attack on Yehu Microfinance Services Limited

Company Overview

Yehu Microfinance Services Limited, also known as YMSL, was established in 2007 and has grown significantly since then. The company offers financial services to members active in business, agriculture, and the green energy sector, with a focus on improving the lives of low-income people and communities. Yehu operates through a network of 15 offices across the country, providing loans to members in rural areas, particularly in the Coast region, which includes Kwale, Mombasa, Kilifi, Tana River, Lamu, and Taita Taveta counties.

Vulnerabilities and Targeting

The ransomware attack on Yehu Microfinance Services Limited highlights the vulnerabilities of financial institutions in the digital age. Despite the company's growth and success, it has been targeted by threat actors, underscoring the need for robust cybersecurity measures to protect sensitive data and financial transactions.

Industry Impact

Ransomware attacks on financial institutions have been on the rise, with the finance sector experiencing a significant increase in such incidents. The attack on Yehu Microfinance Services Limited is part of a broader trend of cybercriminals targeting financial institutions, often with devastating consequences for both the victims and their customers.

The Lockbit3 ransomware attack on Yehu Microfinance Services Limited serves as a reminder of the importance of cybersecurity in the financial sector. As financial institutions continue to grow and expand their operations, they must also invest in robust cybersecurity measures to protect their customers' data and financial transactions from cybercriminals.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.