Hackers say they stole 1.4TB of data from UK’s Kingfisher Insurance

Ransomware group LockBit posted Kingfisher Insurance’s name on their leak site, saying the stolen data included personal details of employees and customers.

Threat actors claim that they breach the servers of a British insurer, Kingfisher Insurance, as well as one of the company’s vehicle insurance brands, First Insurance.

We have contacted Kingfisher Insurance for comment but haven’t received a reply before going to press. The company replied the next day after publication came live. Kingfisher's comments are included in the follow up.

According to the post on LockBit’s leak site, the dataset includes personal data of employees and customers as well as contacts and corporate mail archives. Hackers claim they’ve pooled together 1.4 terabytes of data taken from the insurer.

LockBit-affiliated threat actors posted several email addresses that appear to belong to Kingfisher Insurance staff. The post included passwords to several management system accounts, such as Workday and Access, which the company uses.

Kingfisher is a UK insurance company controlling several prominent UK-based insurance brands. The company owns Classic Insurance Services, ClubCare Insurance, Cork Bays & Fisher, First Insurance, and other brands.

Kingfisher Insurance breach
Announcement on LockBit's leak site. Image by Cybernews.

Criminal leaders

LockBit ransomware leads the digital extortion underworld. A ransomware report by threat intelligence firm Digital Shadows shows that in the second quarter of 2022, LockBit was the most active group by an overwhelming margin.

LockBit and its affiliates accounted for a third of all cyberattacks attacks involving organizations being posted to ransomware data-leak sites. Researchers attributed 231 victims to LockBit.

While LockBit is far from the only successful ransomware group, it has outlasted many competitors. Prominent groups like REvil, Darkside, and Cl0p came and went, either regrouping or disbanding.

More recently, the Conti ransomware gang seems to have closed up shop once at the top of the ransomware game. Meanwhile, LockBit has been in the game since 2019, a lifetime in the ransomware business, releasing the second and, recently, the third generation of malware.

Pundits think LockBit’s success stems from the group’s ability to combine a business-oriented approach with specialized tech.

More from Cyberenews:

Revisiting Eternal vulnerabilities amid Halloween horror

Support charity of the rich: Musk wants to add the “donate” option to Starlink

Is Meta in trouble? Everyone is mocking social media giant’s strategy

When the Black Axe falls: cybercrime suspects detained in global bust

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are markedmarked