Scattered Spider-Linked Group Claims JLR Cyber-Attack
JLR said it is investigating following claims by the actor “Scattered Lapsus$ Hunters” that it had stolen data from the firm and had issued an extortion demand
Stay updated on cyber extortion trends: threats, prevention tips, and incident responses. Protect your data with the latest info on digital ransom tactics.
Search across headline titles and summaries.
Background for this topic.
Extortion is coercion through threats: an attacker demands money or another concession while threatening harm if the victim refuses. In cybersecurity, this commonly involves encrypting systems and demanding payment for recovery, stealing data and threatening to publish it (often called double extortion), or threatening service disruption. The threatened harm may be real, exaggerated, or based on data the attacker did not actually obtain; payment does not guarantee data deletion, secrecy, or restoration.
Security teams should treat an extortion demand as a potential incident: preserve evidence, isolate affected systems, determine whether data was accessed, and involve legal and privacy specialists where notification or regulatory duties may apply. Offline, tested backups can reduce leverage from encryption, but they do not address stolen information. Reviewing exposed remote services, credentials, and unpatched internet-facing systems can help contain the access path, while threat intelligence may help assess the attacker’s claims and identify related activity.
JLR said it is investigating following claims by the actor “Scattered Lapsus$ Hunters” that it had stolen data from the firm and had issued an extortion demand
AI-powered ransomware, extortion chatbots, vibe hacking … just wait until agents replace affiliates It's no secret that AI tools make it easier for cybercriminals to steal sensitive data and then extort victim organizations. But two recent developments illustrate exactly how much LLMs lower the bar for ransomware and other financially motivated cybercrime — and provide a glimpse to defenders about what's on the horizon.…
Cyber Extortion Campaign Automated Efforts to 'Unprecedented' Degree, Says AI GiantArtificial intelligence giant Anthropic said it's disrupted a cybercrime operation that tapped its large language models, including Claude Code, to an "unprecedented" extent to help automate a data theft and extortion campaign that targeted more than a dozen critical infrastructure organizations.