Indian lender Fullerton India has been hit by the LockBit 3.0 ransomware group, which has leaked 600 gigabytes of critical data stolen from the company. Fullerton India reported the malware attack on April 24, which temporarily forced the company to operate offline as a precaution. The company resumed customer services and worked with cybersecurity experts to make its security environment more resilient. However, LockBit 3.0 soon listed Fullerton India as a victim on its data leak site, stating it had stolen more than 600 gigabytes of loan agreements with individuals and legal companies.
The LockBit group demanded a $3 million ransom from Fullerton India to avoid publishing the stolen data, setting an April 29 deadline. The group also gave the company the option to pay $1,000 to extend the deadline by 24 hours. Evidence has emerged that the data leak occurred because Fullerton India refused to engage with the ransomware group, leading to LockBit initiating triple-extortion tactics to force the company to pay.
Triple-extortion tactics involve hackers contacting a victim’s clients, business partners, vendors, and customers to make the breach public and force the victim to come to the negotiating table. Fullerton India operates 699 branches across India, offering doorstep credit services to around 2.1 million customers. The company had more than $2.5 billion worth of assets under management and employed over 13,000 people in 2022. The LockBit group has increasingly targeted large organizations, with the FBI warning of the group’s activities in late 2020.
