The French defense giant says that ‘at this stage, Thales is able to confirm that there has been no intrusion of its IT systems.’
French defense and technology giant Thales confirmed on Friday that hacker group LockBit 3.0 has published some of its stolen data on the dark web.
Thales, which earlier this week initially revealed that hackers were claiming they stole some of its data and threatening to post it, acknowledged in a follow-up message on Friday that hackers’ previous boasts about stealing and publishing items turned out to be all-too true.
“On November 10, 2022, an extortion and ransomware group (LockBit 3.0) released on its publication platform data pertaining to Thales Group,” said the Paris-based company in a statement.
[RECENT STORY: The 10 Biggest Data Breaches of 2022 (So Far)]
“At this stage, Thales is able to confirm that there has been no intrusion of its IT systems.”
The company added: “Thales security experts have identified one of the two likely sources of the theft, which has been confirmed through the user account of a partner on a dedicated collaboration portal. This has led to the disclosure of a limited amount of information.”
The company said Thales “continues to investigate the other source of theft” and that it’s “working closely with its partner and is providing all of the necessary technical support and resources to minimize any potential impact to concerned customers and stakeholders.” The company concluded: “Thales reiterates that, as of now, there is no impact on the Group’s operations.”
A representative for Thales could not be reached for comment.
After posting its information on the breach, Thales’ stock sank by about 8.4 percent.
Thales, which provides advanced technologies in defense, aeronautics, space and transport, has had a solid business foothold in the US — and was even boasting two years ago to CRN that it planned to increase its already strong channel business here and elsewhere.
The LockBit 3.0 breach at Thales comes as the US federal government is demanding stepped-up cyber vigilance on the part of government vendors.
Among others, the Department of Defense has initiated its own Cybersecurity Maturity Model Certification (CMMC) program that required defense-industry contractors and subcontractors to significantly beef up their cyber protections.
LockBit 3.0 is the latest version of the LockBit ransomware, which Kaspersky has described as a “malicious software designed to block user access to computer systems in exchange for a ransom payment,”
Earlier this week, Bleeping Computer reported that a LockBit 3.0 ransomware affiliated was “using phishing emails to install the Amadey Bot to take control of a device and encrypt devices.”