Deutsche Telekom claimed by LockBit, dozens more ransom victims

Deutsche Telekom was one of dozens of companies from around the globe posted on the infamous LockBit ransomware leak list of victims on Monday.

The Russian-linked ransomware cartel's May 6th update of its darknet blog gives the German telecommunications company a May 21st deadline to start negotiations and pay its undisclosed ransom demand.

But, according to Deutsche Telekom spokesperson Christian Fischer, LockBit’s claim is all ransomware hearsay.

“The facts: On a website operated as-a-service by a group called LockBit, the names of 40 companies from which data is said to have been stolen have been published,” Fischer said in a statement sent to Cybernews.

“Among them is Deutsche Telekom AG. Everything else is pure speculation currently,” Fischer concluded.

Deutsche Telekom is one of the world's leading fixed-network, broadband, and mobile service providers, with a combined 299 million customers and nearly 200,000 employees across more than 50 countries, according to its website.

In 2023, Deutsche Telekom reported earnings totaling 112 billion Euros.

Besides the telecom giant, the ransom gang posted a whopping 57 other victims, both small and large companies, according to the blog.

Deutsche Telekom LockBit site
LockBit dark leak blog. Image by Cybernews.

Ransomware victims include Canadian internet provider Netspectrum and the Church of Sweden, the South American Banco de Venezuela, the Hotel and business complex Indonesia Kempinski, and Foxsemicon Technology group in Taiwan.

All the victims were given the same deadline of May 21st. So far, LockBit has not specified how much data – if any – it may have obtained from any of the victims.

Victim locations range from the US, Australia, Belgium, Brazil, Canada, Croatia, Germany, France, Indonesia, Poland, Taiwan, Turkey, and even the government offices in Mexico's Yucatán Peninsula, which was also a victim of ALPHV/BlackCat before they excommunicated themselves from the ransomware scene.

Deutsche Telekom LockBit site all victims
LockBit dark leak blog. Image by Cybernews.

LockBit faces off with FBI, again

In other LockBit related news Monday, the FBI, who have been attempting to takedown the gang for good, decided to update a previously seized LockBit leak site.

In the update, the FBI teased it would be posting new and damaging information about their investigation into the ransom gang and possible whereabouts of its leader LockSupp.

It’s not clear if the gang, feeling pressure from law enforcement, decided to dump all 58 victims in one day, but according to researchers at vx-underground, 75% of the companies listed on May 6th have been posted by LockBit in the past.

In February, a joint operation between the United Kingdom, the United States, and Europol led to the gang’s bust and take over of LockBit’s own online infrastructure.

Although the site was under FBI control and was reworked to mock the gang, LockBit was back up and running within a few weeks.

According to the Cybernews ransomware monitoring tool, Ransomlooker, LockBit accounted for 47% of all publicly announced ransomware victims over the last 12 months, netting the gang profits in the multi-billions.

The group recently claimed a cyberattack on the Hôpital de Cannes in the south of France, leaving hospital staff to cancel a third of surgeries and, for days, use pen and paper to update patient charts for days.

Big gets for LockBit in 2023 included companies such as Boeing and Allen & Overy, as well as the massive November exploit of the Citrix bug zero-day vulnerability.

More from Cybernews:

Robinhood crypto hit with SEC Wells notice, action likely

Customer data from major Chinese banks allegedly up for sale

Netflix's password policy pays off, but questions remain about no subscriber stats in 2025

Paris 2024 preparing for unprecedented cyberthreats 

Meta and Georgia Tech use AI to advance carbon capture solutions 

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are markedmarked