Thales: LockBit 3.0 hackers released company data on the dark web | CRN

November 11, 2022, 02:05 PM EST

The French defense giant claims that “at this stage, Thales is able to confirm that there has been no intrusion of its computer systems”.

French defense and technology giant Thales confirmed on Friday that hacker group LockBit 3.0 had released some of its stolen data on the dark web.

Thales, which initially revealed earlier this week that hackers claimed to have stolen some of its data and threatened to release it, acknowledged in a follow-up message on Friday that previous boasts by hackers about the theft and release of items turned out to be too true.

“On November 10, 2022, an extortion and ransomware group (LockBit 3.0) published data relating to the Thales group on its publication platform,” the Paris-based company said in a statement.

[RECENT STORY: The 10 Biggest Data Breaches of 2022 (So Far)]

“At this stage, Thales is able to confirm that there has been no intrusion of its IT systems.”

The company added: “Thales security experts have identified one of two likely sources of the theft, which was confirmed via a partner user account on a dedicated collaboration portal. This led to the disclosure of a limited amount of information.

The company said Thales “continues to investigate the other source of theft” and is “working closely with its partner and providing all necessary technical support and resources to minimize any potential impact on customers and stakeholders concerned”. The company concluded: “Thales recalls that to date, there is no impact on the Group’s operations.”

A Thales representative could not be reached for comment.

After publishing its information on the breach, Thales stock fell around 8.4%.

Thales, which provides advanced technologies in the fields of defence, aeronautics, space and transport, is firmly established in the United States and even boasted two years ago to CRN of having planned to expand its already strong distribution business at home and abroad.

The LockBit 3.0 breach at Thales comes as the US federal government requires increased cyber vigilance from government vendors.

Among other things, the Department of Defense has launched its own CMMC (Cybersecurity Maturity Model Certification) program which requires defense industry contractors and subcontractors to significantly strengthen their cyber protections.

LockBit 3.0 is the latest version of LockBit ransomware, which Kaspersky described as “malicious software designed to block user access to computer systems in exchange for a ransom payment.”

Earlier this week, Bleeping Computer reported that ransomware affiliated with LockBit 3.0 “used phishing emails to install the Amadey bot to take control of a device and encrypt devices.”