Security news aggregator

Latest coverage for LockBit

LockBit is a ransomware operation covered through reported incidents, technical analysis, disruption efforts, and guidance to defend systems and data.

57 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

LockBit is a ransomware family and associated cybercrime operation—not an unrelated product or project—that has been reported in attacks where malware encrypts files on compromised systems and disrupts access. Coverage under this tag includes technical analysis of LockBit variants, reported incidents, infrastructure or law-enforcement disruption, and claims about stolen data or extortion; individual reports may differ in what is verified.

For defenders, the material risks are rapid encryption across reachable systems and possible exposure of data taken before encryption. Priorities include promptly addressing internet-facing vulnerabilities and exposed credentials, restricting lateral movement with segmentation and least privilege, and maintaining tested offline or otherwise isolated backups. Monitor for suspicious administrative activity and mass file changes, preserve logs and affected systems for investigation, and use threat intelligence on LockBit indicators to support containment. A suspected incident requires coordinated isolation, recovery, and assessment of privacy or regulatory obligations rather than assuming that paying restores systems or prevents disclosure.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 57 Filtered view

2023 LockBit Attack Affected Nearly 9M People, Including ChildrenMCNA Dental, one of the largest providers of U.S. government-sponsored dental benefits to children, has agreed to a proposed multimillion dollar settlement to resolve class action claims stemming from a 2023 LockBit ransomware attack and data theft that affected nearly 9 million people.

Bank Info Security 5 months, 2 weeks ago

Capital Health to Pay $4.5M in LockBit Breach Settlement

Class Action Stems From 2023 Ransomware Attack Affecting More Than 500,000Capital Health, which operates hospitals and other facilities in New Jersey and Pennsylvania, agreed to pay $4.5 million to settle consolidated class action litigation involving a 2023 LockBit ransomware and data theft attack affecting more than a 500,000 patients and employees.

Bank Info Security 7 months, 1 week ago

Ransomware Victim Warning: The Streisand Effect May Apply

Analysis of Seized LockBit Data Suggests Victims Who Pay Enjoy More Media CoverageBad news for any organization that's ever paid a ransom in a bid to avoid their breach coming to light, or for a promise from attackers to delete stolen data, with a study of seized LockBit data finding that victims who paid a ransom were more likely to see the attack get detailed in the media.

Bank Info Security 7 months, 4 weeks ago

US, Allies Sanction Russian Bulletproof Ransomware Host

Treasury Links Russian Bulletproof Host Network to Prolific Ransomware OperationsThe U.S., U.K. and Australia sanctioned Russian bulletproof host Media Land for supporting major ransomware gangs, including LockBit and Play, a move paired with new global guidance urging internet service providers to tighten access controls and disrupt cybercrime infrastructure.

Bank Info Security 1 year, 1 month ago

LockBit Crackdown Fragmented Russian Cybercrime Groups

Onslought Also Paved Way for Rise of English-Speaking HackersAn international law enforcement crackdown on the LockBit ransomware group caused fragmentation and distrust among Russian-speaking cybercrime groups, paving the way for English-speaking hacking groups to gain prominence, experts said Tuesday during a London conference.

Bank Info Security 1 year, 2 months ago

LockBit Leaks Reveal Drive to Recruit Ransomware Newbies

'Lite Panel' Offering Easy Access to Anyone for Just $777 Confirmed by ResearcherRansomware groups continue to find innovative new ways to shake down organizations large and small in their pursuit of ransom payoffs. For the LockBit group, one tweak was to debut a "lite" version of its ransomware portal that appears to have amassed dozens of very inexperienced business partners.

Bank Info Security 1 year, 3 months ago

Vampire Cosplay and Brand Revival: Ransomware in 2025

Newcomer VanHelsing and a Supposedly Revitalized LockBit Enter Victim-Hunting FrayWhile the vast majority of ransomware attacks lately trace to relatively long-running groups, researchers see new operators entering the fray, lately including a ransomware-as-a-service group calling itself VanHelsing, as well as a fresh version of LockBit.

Bank Info Security 1 year, 3 months ago

Fake Out: Babuk2 Ransomware Group Claims Bogus Victims

What Do You Mean, Hospital-Targeting Sociopath Ransomware Wielders Continue to Lie?A ransomware group reusing the Babuk ransomware brand claims to have stolen data from the likes of Amazon, Delta and US Bank. Just one problem: Security experts found a startling overlap between its claimed victims and previous attacks scored by the likes of Clop, LockBit and RansomHub.

Bank Info Security 1 year, 4 months ago

Suspected LockBit Ransomware Developer Extradited to US

Feds Accuse Dual Russian-Israeli National of Serving as Key Member of OperationAn accused developer for Russian-speaking ransomware group LockBit, 51-year-old Rostislav Panev, appeared in a U.S. courtroom after being extradited from Israel. The dual Russian and Israeli citizen faces a 41 count superseding criminal indictment charging him with being a key member of the group.

US, UK and Australia Target Zservers for Supporting LockBit, Other Cybercrime GroupsA Russian bulletproof hosting service used by cybercriminals including the LockBit ransomware group has been sanctioned by Australian, British and American agencies. Zservers has been advertised in criminal forums as an aid to avoid law enforcement investigations and takedowns.

Bank Info Security 1 year, 5 months ago

Still-Lucrative Ransomware's Profits Plunged 35% Last Year

Collapse of LockBit and BlackCat/ALPHV Tied to Ongoing Decline in Big-Game HuntingRansomware may still be raking in massive cryptocurrency profits for practitioners, but 2024 turned out to be less of a banner year than predicted, with blockchain researchers reporting that the sum total of known ransom payments to ransomware groups in 2024 plummeted by 35%.

Bank Info Security 1 year, 6 months ago

Alleged LockBit Coder Faces 41-Count Indictment in US

US Seeks Extradition of Dual Russian and Israeli Citizen Rostislav Panev from IsraelA newly unsealed U.S. federal indictment against Rostislav Panev says the LockBit ransomware operation paid the Israeli national a $10,000 monthly salary for coding and consulting services. Federal prosecutors are seeking Panev's extradition from Israel following his August arrest.

Also: Interpol Says 'Pig Butchering' Shames Victims, A Data Leak Scandal in MexicoThis week, U.S. asks Israel to extradite an alleged LockBit coder, don't say "pig butchering," and an Apache Struts flaw. A hunt for alleged data thieves in Mexico, Europe probes TikTok and Netfilix fined 4.75 million. A ransomware attack against Texas medical centers and a credit union breach.

Bank Info Security 1 year, 7 months ago

Russia Indicts Ransomware Hacker Wanted by the FBI

Suspected LockBit, Babuk Operator Mikhail Matveev Arrested in RussiaA prolific ransomware affiliate hacker and developer is facing criminal charges in Russia, Kremlin media reported Friday. Mikhail Pavlovich Matveev has been wanted by U.S. authorities since 2023 for his role in hacking activities as part of ransomware groups including LockBit, Hive and Babuk.

Bank Info Security 1 year, 8 months ago

Europol Details Pursuit of LockBit Ransomware Affiliates

Operation Cronos Prioritized Disrupting Criminal Trust in the Group, Official SaysWhat does it take to disrupt a major ransomware operation? The effort against LockBit initially prioritized disrupting criminals' trust in the ransomware group, and has since shifted to unmasking affiliates, a Europol's official told attendees at the Hardwear.io security conference in Amsterdam.

Bank Info Security 1 year, 9 months ago

Operation Cronos Is Disrupting LockBit, Says UK Official

Impact is "What We Would Have Hoped For, Says NCSC CTO Ollie WhitehouseA British cybersecurity official touted Operation Cronos, an international operation against LockBit, saying multiple strikes aimed at the ransomware-as-a-service have disrupted its ability to recruit hackers. The operation has resulted in indictments, sanctions, and server takedowns.

Bank Info Security 1 year, 9 months ago

Hawaii Clinic Notifies 124,000 of Hack Credited to Lockbit

Data Leak Preceded Law Enforcement Crackdown on Group That Targets Health SectorA clinic in Hawaii is notifying 124,000 patients that their health data was potentially compromised in a May hack. Lockbit 3.0 claims to have published the stolen records on its data leak site in June - months before global authorities this week disclosed a crackdown on the cybercrime gang.

Naming and Sanctioning Cybercrime Syndicate Members Has Repercussions, Police SayWestern law enforcement may not be able to bust every last Russian cybercrime suspect, but newly revealed efforts against Evil Corp and LockBit reveal suspects arrested while on vacation, as well as the psychological fallout criminal syndicates face when members get named, indicted and sanctioned.

Loading more headlines...