David’s Bridal, a world-famous manufacturer of wedding and bridesmaid dresses, was hit with a ransomware virus by Lockbit. The victim has been in service since 1950s and has customers across the world, including US, Canada, New Mexico, and UK.
It’s unclear whether the recent attack resulted in encrypted files or only a data leak. Generally, Lockbit chooses to use the double-extortion method, stealing the data and encrypting it on the parent hardware at the same time.
If the victim refuses to pay, the attacker will not only public the data, but will also refuse to provide the decryption tool. This can cause significant financial damages, as well as impacting the victim’s reputation, depending on how sensitive the leaked data is.
David’s Bridal didn’t comment on the incident, but it is presumed that they are working to circumvent the issue. Lockbit is notorious for asking high ransoms, which is especially concerning, given that David’s Bridal is valued at over $2.2 billion.
We believe security online security matters and its our mission to make it a safer place.
Lockbit is currently the most (in)famous ransomware actor in the world with thousands of victims and over $91 million in paid ransoms. These are scary numbers, considering that most ransomware groups don’t get past several dozens or hundreds of victims.
That’s because they either get dismantled by the FBI or other regulatory organizations or evolve into something else. Lockbit is different, as it’s been active in the market for more than 4 years. The first appearance was in September of 2019.
Despite its long lifespan and outstanding activity and aggression, investigation agencies didn’t attribute the group to any specific nation. This supports the idea that the group is very powerful and well-financed, which allows it to cover its tracks and identity effectively.
Lockbit’s main trait is its ability to evolve and keep up with its victims. The organization upgrades its tools, systems, and approaches constantly. Lockbit 2.0 came out in 2021, followed by v3.0 in July of 2023.
The organization is also known for producing an automated data exfiltration tool, Stealbit, which has quickly become its go-to tool.