Subway acknowledges the cyber threat and is currently investigating the validity of LockBit’s claims, though no data samples have been provided as proof.
The gang asserts they’ve successfully extracted several hundred gigabytes of data and issued an ultimatum, giving the company about two weeks to meet the ransom demands.
On January 21st, LockBit identified Subway as its target on its data leak site, warning of data release if the specified demands aren’t satisfied by February 2nd. In their statement, LockBit accused the prominent sandwich chain of downplaying the situation, claiming access to the SUBS internal system, which contains extensive data such as financial records related to employee salaries, franchise royalties, master franchise commissions, restaurant turnovers, and more. The group has granted a grace period for Subway to safeguard the data; otherwise, they express willingness to sell it to competitors.
Despite making these claims, LockBit hasn’t provided any data samples as evidence. Subway acknowledges the allegations and is currently assessing their validity.
In the broader context of ransomware activities, a newly developed tool called Ransomlooker identified a total of 66 active ransomware groups in 2023. LockBit maintained its lead for the second consecutive year, being responsible for the highest number of victims—1009 incidents, comprising nearly a quarter of all ransomware victims in 2023. The group predominantly targeted industries such as construction, manufacturing/industrial, and retail in their cyber attacks.
Story credit
Related stories:
