Ransomware Attack on LenelS2: A Closer Look at the Play Ransomware Group's Latest Target

LenelS2, a division of Carrier Global Corporation, has recently fallen victim to a ransomware attack orchestrated by the notorious Play ransomware group. Known for its sophisticated physical security solutions, LenelS2 specializes in access control, video surveillance, and mobile credentialing. The company, headquartered in Rochester, New York, serves a diverse clientele, including Fortune 100 companies, educational institutions, and government entities.

LenelS2: A Leader in Physical Security Solutions

Established in 1991, LenelS2 has grown to become a prominent player in the business services sector, particularly in integrated physical security solutions. The company's flagship product, the OnGuard system, offers comprehensive security management with an open architecture that allows seamless integration with third-party technologies. This flexibility and adaptability have positioned LenelS2 as a leader in the industry, catering to both small businesses and large enterprises.

Play Ransomware: A Sophisticated Threat Actor

Emerging in June 2022, Play ransomware, also known as PlayCrypt, has distinguished itself through its innovative tactics and targeted campaigns. Unlike affiliate-based Ransomware-as-a-Service groups, Play operates with a closed structure, enhancing its operational secrecy. The group is known for its intermittent encryption technique, which encrypts only portions of files, making detection by endpoint defenses challenging.

Details of the Attack

The Play ransomware group has announced its intention to release LenelS2's data on November 26, 2024. While the exact size of the leaked data remains undisclosed, the attack underscores the potential impact on LenelS2's operations and reputation.

Sources

• Ransomware on the Move: 3AM, Play, Qilin, RansomHub - Halcyon
• LenelS2 Official Website
• LenelS2 Company Profile - Craft