Ransomware Attack on Grupo MPE by LockBit 3.0

Victim Profile

Grupo MPE is a public company based in Seville, Spain, specializing in integrated occupational risk prevention services and training solutions. With 501-1,000 employees, Grupo MPE offers a comprehensive range of occupational risk prevention services, including safety, hygiene, ergonomics, psychosociology, and occupational medicine. They also provide customized training solutions to meet the specific needs of companies and their workers.

Company Standout

The company stands out in the Healthcare Services sector for its holistic approach to occupational health and safety services. By offering a wide range of services and personalized training solutions, they help businesses comply with health and safety regulations and create a safe work environment for their employees.

Attack Details

Grupo MPE fell victim to a cyberattack by the LockBit 3.0 ransomware group, where the attacker exfiltrated 622 GB of sensitive data, including certificates, contracts, PII, insurance data, and financial data. The leaked data poses risks such as identity theft, financial fraud, and reputational damage to the company and its stakeholders.

Ransomware Group Analysis

LockBit 3.0, also known as LockBit Black, is a Ransomware-as-a-Service (RaaS) group that has been actively recruiting affiliates and targeting a wide range of businesses and critical infrastructure organizations. The group distinguishes itself by its advanced encryption techniques, obfuscation, lateral movement capabilities, and the ability to cover its tracks effectively.

Sources:

• Grupo MPE Website
• VMware Blog - LockBit 3.0
• SentinelOne - LockBit 3.0
• Trend Micro - LockBit Ransomware Group
• Times of India - LockBit 3.0