LockBit 3.0 criminals carried out a successful ransomware attack on Subway. The group reportedly stole gigabytes of sensitive financial information.

A group using the LockBit 3.0 ransomware to carry out attacks managed to infiltrate Subway, The Register reports. The attack was carried out by hijacking the so-called “SUBS” internal system, allegedly capturing hundreds of gigabytes of data.

Specifically, this included Subway’s financial data, such as employee salary information, payments from individual franchise locations, commission transactions, restaurant sales and more.

Ransom unknown

The hackers are giving Subway some time to “insure” the data, which basically amounts to paying a ransom. Otherwise, the data will be made public and/or traded. LockBit 3.0 operators try to behave like a professional service, including running their own customer service.

How much ransom LockBit 3.0 charges for this data is unknown. This is often based on the specific revenue model the ransomware gang has.

Strict ransom rules of LockBit 3.0

Research shows that LockBit 3.0 often determines ransom amounts based on a victim’s revenue. In the case of the fast food industry, such figures are not always public. In such a case, it is likely that the LockBit group makes up its own amount.

In addition, the ransomware gang imposes certain rules on its own accomplices for negotiating the ransom terms. To prevent them from bringing in less than expected in the negotiations, these allies are bound by certain maximum discount percentages before they cease negotiations and publish the data.

Subway denies being hacked at this time, but does indicate it is investigating LockBit 3.0’s claim.
