LockBit adds ALDO Shoes to its victim list, company shrugs off incident


The notorious ransomware gang LockBit has added ALDO Shoes, a Canadian multinational corporation retailer that owns and operates a worldwide chain of shoe and accessories stores, to its victim list. The company says it has contained the incident.

The Russia-linked ransomware gang posted ALDO shoes on its website late Tuesday. LockBit says that “files will be published,” and has given a deadline of December 25th for the company to pay the ransom or else the stolen data will be published.

However, ALDO Group soon told Cybernews that the incident involved one of their franchise partners' systems and was quickly contained without impact on their operations. No systems owned or operated by ALDO Group were affected.

"Following a thorough investigation, our partner has confirmed that the affected data is limited to information pertaining to their operations in a specific overseas territory. The affected data does not contain any ALDO customer financial or payment card information, as they do not store data of that nature," the firm told Cybernews.

Aldo ransomware
LockBit has claimed ALDO. Image by Cybernews.

Just recently, LockBit attacked the huge Boeing company and leaked 50GB of data after the global jetliner manufacturer allegedly ignored the gang’s warnings.

In early November, LockBit leaked the first batch of information which included a trove of sensitive company data, such as engine part suppliers and technical operators, as well as Boeing’s financial and marketing data.

Typically, such a warning is an indication that the company refuses to succumb to the gang’s ransom demands.

The LockBit group first appeared on the ransomware scene sometime in late 2019. Since then, the gang has climbed to the top of the food chain, topping many lists in terms of victimized organizations.

The threat actors are said to have executed over 1,400 attacks against victims in the US and around the world, including Asia, Europe, and Africa.

The gang’s notorious ransomware variant LockBit 3.0 – also known as LockBit Black – is now in its third iteration and is considered the most evasive version of all previous strains, a US Department of Justice report said.

The group is also said to have received tens of millions of dollars in actual ransom payments collected in Bitcoin.


More from Cybernews:

News Corp's UK papers settle phone-hacking claims with high-profile figures

Adobe’s InDesign exploited in new wave of phishing attacks

Beware: predatory Android loan apps spy, harass, and blackmail users

Report: Apple and Paramount consider bundling streaming services

UK regulator lists age verification requirements for adult websites

Subscribe to our newsletter



Leave a Reply

Your email address will not be published. Required fields are markedmarked