Smith & Caughey's Ransomware Attack: LockBit 3.0 Threat
Incident Date:
June 2, 2024
Overview
Title
Smith & Caughey's Ransomware Attack: LockBit 3.0 Threat
Victim
Smith and Caughey's
Attacker
Lockbit3
Location
First Reported
June 2, 2024
Ransomware Attack on Smith & Caughey's
Company Overview
Smith & Caughey's is an upscale department store located in Auckland, New Zealand. The company, known for its long history and customer-centric approach, offers a wide range of products including fashion, beauty, homeware, and gifts. With over 130 years of operation, Smith & Caughey's has been a popular shopping destination in Auckland.
Company Size and Standout
Employing approximately 132 people, Smith & Caughey's generates an annual revenue of $46 million. The company stands out in the retail sector for its high-quality products and excellent customer service, making it a cherished name among shoppers.
Company Vulnerabilities
As a prominent retailer, Smith & Caughey's possesses valuable customer data, financial information, and operational details, making it an attractive target for threat actors such as ransomware groups. The company's reliance on digital systems for communication and operations also increases its vulnerability to cyber attacks.
Attack Overview
Recently, the LockBit 3.0 ransomware group targeted Smith & Caughey's website, leaking sensitive data that includes financial, HR, accounting, management, and IT department information. This attack has disrupted the company's ability to communicate with stakeholders and raised significant concerns about data privacy and security.
Ransomware Group Profile
Known as LockBit Black, the LockBit 3.0 ransomware group is a sophisticated Ransomware-as-a-Service (RaaS) entity that has evolved from previous versions of LockBit. It is renowned for its advanced encryption techniques and obfuscation methods, targeting a wide range of organizations globally, including major companies.
Penetration Method
LockBit 3.0 likely infiltrated Smith & Caughey's systems through phishing emails, vulnerable software, or by exploiting weak network security measures. The ransomware's capability to move laterally through a network and cover its tracks makes it challenging for organizations to detect and defend against.
Sources:
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.