International fast-food restaurant chain Subway is facing a potential PR nightmare due to an alleged ransomware attack carried out by the notorious LockBit ransomware gang. Reports suggest Subway’s systems were compromised by the LockBit gang, known for its aggressive tactics.
Subway has launched an investigation after the LockBit ransomware group claimed to have hacked the company’s SUBS internal systems and stole a trove of data. The ransomware-as-a-service provider added the company to its data leak site, stating that one of its affiliates stole gigabytes of sensitive data.
LockBit stated that they are giving some time for the group to protect the data “which includes hundreds of gigabytes of data and all financial of the franchise, including employee salaries, franchise royalty payments, master franchise commission payments, restaurant turnovers, etc.” If they do not, the group will sell it to competitors. The company has added the company to its data leak site.
The message was posted on January 21, and the attackers have given Subway time until February 2 to pay a ransom. However, Subway’s spokesperson claims the company is still validating the hackers’ claims.
For your information, LockBit is one of the most active ransomware groups, victimizing thousands of organizations. In June 2023, the US government reported that the LockBit gang has targeted 1,700 entities in the US since 2020, making over $90 million in ransom payments.
What’s surprising for many in this incident is that Subway was unaware of the ransomware attack. However, this isn’t strange because, lately, hackers are skipping the ransomware attacks’ encryption part and focusing on stealing data since designing, developing, maintaining, and deploying ransomware has become too difficult. Companies have substantially improved their data backup and defence; therefore, threat actors steal data and demand payment for not disclosing it publicly.
It is worth noting that Subway has 20,000 locations worldwide and over 400,000 employees, so the data leak could have lasting implications for its customers if it happened. To protect yourself from online threats, be cautious when clicking links or opening attachments, use strong passwords, enable two-factor authentication, keep software and operating systems updated, and invest in reputable antivirus and anti-malware software. Practice good cyber hygiene for the best defence against cybercrime.