LockBit 3.0 Ransomware Attack on Electronic Maintenance Associates

Incident Date: May 08, 2024

Attack Overview

VICTIM

Electronic Maintenance Associates,

INDUSTRY

Energy, Utilities & Waste

LOCATION

USA

ATTACKER

Lockbit

FIRST REPORTED

May 8, 2024

Request Removal

Ransomware Attack on Electronic Maintenance Associates by LockBit 3.0

Victim Profile

Electronic Maintenance Associates (EMA Inc.) is a company based in Norcross, Georgia, specializing in energy savings solutions for medium voltage applications using Variable Frequency Drives (VFDs). They are known for their expertise in retrofitting existing applications with VFDs, focusing on energy efficiency in the HVAC market.

Company Standout

EMA Inc. stands out in the industry for their emphasis on energy efficiency in medium voltage applications through the use of VFDs. They are recognized for their troubleshooting expertise in the field, which is considered a specialized skill set.

Company Vulnerabilities

The company was targeted in a cyberattack by LockBit 3.0 ransomware. The attackers successfully exfiltrated 280 GB of data, which included sensitive information such as invoices and customers' data. A sample of the stolen data was leaked, indicating a potential data compromise. Although no specific ransom demand was made, the attack likely caused significant disruption to the company's operations. Their focus on energy savings solutions and expertise in VFDs could make them an attractive target for cybercriminals seeking valuable data or looking to disrupt critical infrastructure operations.

Ransomware Group Details

LockBit 3.0, also known as LockBit Black, is a Ransomware-as-a-Service (RaaS) group that has been actively recruiting affiliates and targeting a wide range of businesses and critical infrastructure organizations. The group is known for its advanced capabilities, including file encryption, desktop modifications, and lateral movement within networks to cover its tracks.

LockBit May Attacks

This ransomware attack on Electronic Maintenance Associates is part of the May 2024 attacks by LockBit 3.0. Following the disruption of its infrastructure in February during "Operation Cronos," LockBit swiftly returned, targeting over 50 victims within hours of reactivating its platform. The group's resurgence highlights the need for enhanced international cooperation and proactive measures to combat cybercrime effectively.

Sources:

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.