View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
October 18, 2022

UK’s Kingfisher Insurance suffers apparent LockBit 3.0 ransomware attack

Ransomware gang LockBit 3.0 claims to have stolen more than a terabyte of data from the insurance company.

By Claudia Glover

UK insurer Kingfisher Insurance has been added to the dark web blog of ransomware gang LockBit 3.0. The cybercrime group claims to have lifted 1.4 terabytes of information from the company including the personal data of employees and customers. Kingfisher appears alongside six other companies the gang claims to have hacked this month.

Kingfisher Insurance operates eight brands across specialist insurance areas including car and home insurance.

Kingfisher provides services including car and home insurance. (Photo by Freedomz/iStock)

LockBit 3.0 attacks Kingfisher Insurance

Kingfisher was added to the LockBit blog last night, with the gang claiming to have infiltrated the company’s servers and obtained a trove of data.

The criminals have set a deadline of 28 November for Kingfisher to respond to their undisclosed demands, otherwise they will begin publishing the 1.4 terabytes of data.

Management system accounts and passwords from Workaday and Access databases also cropped up in the initial data release. Tech Monitor has contacted Kingfisher Insurance for comment on the alleged breach.

At least six other victims have been posted to the blog this month, including Japanese tech company Ooymia. It works across a range of sectors, opening up the possibility of supply chain attacks if its systems have been been breached.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

The company is in the supply chain of multiple organisations worldwide in industries including healthcare, communications and automotive, as well as pharmaceutical and electronic. It has a 20 October deadline to respond to LockBit’s demands.

What is LockBit 3.0?

LockBit 3.0 is a ransomware gang with an ever-growing list of victims. It has been the most active ransomware gang in the third quarter of 2022, committing 37% of the ransomware attacks, an increase of 5% since the previous quarter, according to research from security vendor CyberInt. 

The gang wreaked havoc on the global private and public sectors in August, attacking the Italian tax offices, the cybersecurity firm Mandiant and NHS supplier Advanced. The latter attack led to disruptions to the NHS’s 111 service. 

The gang itself was hacked in August. A DDoS attack was launched on LockBit’s dark web server, which hosts leaks from companies the gang has ransomed. At the time of the attack, LockBit was receiving “400 requests a second from over 1,000 servers”.

Read more: Ransomware gangs are getting smaller and smarter

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.