Reuters has not yet confirmed the full contents of the leak, but early reports indicate it includes chat logs between Lockbit members and their victims. Security experts who have reviewed the material say it appears to be genuine.
“It’s legit,” said Jon DiMaggio, Chief Security Strategist at cybersecurity firm Analyst1. Christiaan Beek, a senior director at Rapid7, also confirmed the data looks “really authentic.” He noted that the leak shows Lockbit targeting not just large companies but also small businesses for even modest ransoms.
“They attack everyone,” Beek said.
The source of the leak remains unknown, and some Lockbit-associated darkweb sites were offline on Thursday, displaying a message that they would be "working soon."
Lockbit has been involved in several high-profile ransomware attacks globally. Despite past efforts by international law enforcement to shut them down — including infrastructure seizures by U.S. and British authorities last year — the group quickly returned online, claiming, “I cannot be stopped.”
However, cybersecurity experts believe this latest breach could be a major setback. DiMaggio called it “an embarrassment” and suggested it may slow down the group’s activities.
Lockbit has not commented publicly on the incident so far.
Tags:
Cybercrime in World
