The LockBit ransomware gang has claimed responsibility for the June cyberattack on digital security giant Entrust.
Last month, BleepingComputer broke the story that Entrust suffered a ransomware attack on June 18th, 2022.
While Entrust confirmed to BleepingComputer that they suffered a cyberattack and that data was stolen from internal systems, they would not confirm that it was a ransomware attack.
“We have determined that some files were taken from our internal systems. As we continue to investigate the issue, we will contact you directly if we learn information that we believe would affect the security of the products and services we provide to your organization,” Entrust told BleepingComputer last month.
However, AdvIntel CEO Vitali Kremez told BleepingComputer at the time that a well-known ransomware gang had attacked Entrust after purchasing access to the corporate network through “network access sellers.”
LockBit claims attack on Entrust
Today, security researcher Dominic Alvieri told BleepingComputer that LockBit had created a dedicated data leak page for Entrust on their website, stating that they would publish all of the stolen data tomorrow evening.
When ransomware gangs publish data on their data leak sites, they usually leak data over time to scare the victim into returning to the negotiation table.
As LockBit states that they will publish all data, it indicates that Entrust has not negotiated with the ransomware operation or refuses to give in to their demands.
BleepingComputer has reached out to Entrust for further confirmation on the LockBit attack but has not heard back at this time.
However, LockBit claiming of the attack supports what sources had previously told BleepingComputer about who was responsible.
LockBit is considered one of the most active ransomware operations at this time, with its public-facing operation ‘LockBitSupp’ actively engaging with threat actors and cybersecurity researchers.
Due to its ongoing adoption of new tactics, technology, and payment methods, it is vital for security and network professionals to stay up to date on the evolution of the operation and its TTPs.