Real Estate Giant True Homes Falls Victim to Lockbit3 Ransomware Attack

Incident Date:

April 5, 2024

World map

Overview

Title

Real Estate Giant True Homes Falls Victim to Lockbit3 Ransomware Attack

Victim

True Homes

Attacker

Lockbit3

Location

Monroe, USA

North Carolina, USA

First Reported

April 5, 2024

True Homes Suffers Ransomware Attack

Overview

True Homes, a real estate company operating in the United States, has been targeted by the ransomware group Lockbit3. True Homes is a significant player in the real estate sector, with a focus on homebuilding and land development. The attack was announced on the group's dark web leak site and although law enforcement agencies seized control of LockBit dark web sites in February 2024, the group has attempted a comeback with further attacks.

A North Carolina-based company that has been in operation for over 20 years. They specialize in building homes in the Carolinas and Virginia, with a commitment to providing quality homes at affordable prices. The company has a strong reputation in the industry, with a focus on customer satisfaction and community involvement.

Vulnerabilities and Targeting

Ransomware attacks on real estate companies have become increasingly common, with groups like DarkSide and Lockbit3 targeting organizations in the sector. True Homes was likely targeted due to its size and the valuable data it holds, including customer information and property records. The attackers may have gained initial access to computer systems through various means like purchased access, unpatched vulnerablities, insider access, and zero-day exploits.

Mitigation and Response

In response to the attack, True Homes has not released a public statement. However, the company is likely working with cybersecurity experts to assess the damage and develop a plan for recovery. This may include paying the ransom to regain access to their systems, implementing additional security measures to prevent future attacks, and notifying affected customers of the breach.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.