The LockBit 3.0 ransomware group successfully encrypted files and also allegedly exfiltrated data from Egyptian e-payment provider Fawry.
Word of the breach went public when LockBit published on its dedicated leak site on Nov. 8 a sample of data that was allegedly stolen during the breach of Fawry’s infrastructure. The following day, cybersecurity monitoring platform Hackmanac claimed that the LockBit 3.0 ransomware attack had extracted the personal details of Fawry customers, leading to multiple banks advising customers to remove their account information from Fawry's platform.
Hit Files and Data
In a statement this week about the attack, Fawry said: "Fawry remains confident that this data will not impact financial transactions on its platform, but the company believes it may have included the personal details of some customers whose information had been on the testing platform as part of a system migration project." It also confirmed that some of the leaked details include addresses, phone numbers, and dates of birth.
Group-IB was called in to investigate the incident on Nov. 9, and over three days, it deployed "proprietary advanced cybersecurity solutions across 100% of Fawry’s server infrastructure," declaring the production and testing environments to be "clean as of Nov. 23 of LockBit presence."
Support the originator by clicking the read the rest link below.
