• Home
  • News
  • LockBit Ransomware Attacks US Company

LockBit Ransomware Attacks Contra Costa County Employment & Human Services

Miklos Zoltan

By Miklos Zoltan . 28 January 2024

Founder - Privacy Affairs

Alex Popa

Fact-Checked this

Lockbit continues its cybercriminal spree, this time reaching US territory again. The victim is Contra Costa County Employment & Human Services and the attack resulted in a massive data leak.

  • The victim didn’t comment the breach publicly, but Lockbit posted a detailed expose of the leaked information
  • According to the cybercriminal organization, the attack managed to secure valuable data about the employees, financial sector, and many other internal documents
  • Lockbit currently ranks as the most dangerous, active, and innovative ransomware actor in the world
  • Unlike other ransomware hits, this one only gave the victim 2 days to negotiate the ransom

The attack took place on the 26th, but the victim only had time until the 28th to negotiate and reach a consensus with a Lockbit representative. Lockbit is known to be quite blunt and unbending in negotiations, so it is expected that the victim will refuse to pay.

This means that the attacker will publish the data on the DarkWeb, which could potentially impact the victim’s reputation and financial stability. However, this is pretty much the norm, as only a handful of victims accept to pay the ransom, which experts advise doing anyway.

X showing the LockBit attack on the US companies
https://twitter.com/FalconFeedsio/status/1751153065934356849

The reason is that, by doing so, victims end up supporting the ransomware industry, as the attacker is then incentivized to stay active in the field. This is especially important in the case of a group like Lockbit that is notorious for its aggression and capabilities.

According to the latest investigation, Lockbit appears to be responsible for nearly 50% of all ransomware attacks.

Lockbit’s History and Identity

Lockbit currently ranks as one of the most well-established ransomware actors in the world. The organization first became public in September of 2019 and quickly rose to previously unreached heights.

Two years later, Lockbit was already voted as the most prolific ransomware agency in the world. The organization racked up more than 1,700 victims and over $91 million in ransom payouts in less than 3 years of activity.

By comparison, most ransomware actors have a couple of hundred victims to their name at most.

So, who is Lockbit exactly? The answer is: nobody knows. This isn’t atypical, as all cybercriminal organizations today are anonymous. But it is atypical for a ransomware actor with such a long history in the business and such an active and aggressive profile.

This is proof that Lockbit is very well financed, with some suggesting governmental support. Some theories have linked Lockbit to Russia due to the group first appearing on a Russian-speaking forum.

Our Mission

We believe security online security matters and its our mission to make it a safer place.

Miklos Zoltan
Founder & CEO Privacy Affairs

Miklos Zoltan is the founder and CEO of Privacy Affairs. Miklos has long-time experience in cybersecurity and data privacy having worked with international teams for more than 10 years in projects involving penetration testing, network security and cryptography.

Miklos founded Privacy Affairs in 2018 to provide cybersecurity and data privacy education to regular audiences by translating tech-heavy and "geeky" topics into easy-to-understand guides and tutorials.

Miklos Zoltan
  • Connect with the author:

Leave a Comment