The UK insurer Kingfisher Insurance has been added to the dark web blog of ransomware gang LockBit 3.0. The cybercrime group claims to have stolen 1.4 terabytes of information from the company, including employee and customer personal information. Kingfisher is listed alongside six other companies that the gang claims to have hacked this month.
Kingfisher Insurance operates eight brands in specialist insurance areas such as car and home insurance.
The gang claiming to have infiltrated the company’s servers and obtained a trove of data was added to the LockBit blog last night.
The criminals have given Kingfisher until November 28 to respond to their undisclosed demands, or else they will begin publishing the 1.4 terabytes of data.
Accounts and passwords from Workaday and Access databases were also discovered in the initial data release. Tech Monitor has reached out to Kingfisher Insurance for comment on the alleged security breach.
This month, at least six more victims have been posted to the blog, including Japanese tech company Ooymia. It operates in a variety of industries, raising the prospect of supply chain attacks if its systems are compromised.
The company is involved in the supply chain of numerous organisations worldwide, including those in healthcare, communications, and automotive, as well as pharmaceutical and electronic industries. It has until October 20 to respond to LockBit’s demands.