LockBit 3.0 Ransomware Attack on Lenmed Private Hospital Group

Incident Date: May 08, 2024

Attack Overview

VICTIM

Lenmed Private Hospital Group

INDUSTRY

Healthcare Services

LOCATION

South Africa

ATTACKER

Lockbit

FIRST REPORTED

May 8, 2024

Request Removal

Ransomware Attack on Lenmed Private Hospital Group

Victim Profile

Lenmed Private Hospital Group, a world-class chain of private hospitals operating in Southern Africa, was targeted by the LockBit 3.0 ransomware group in a cybercrime attack. The attackers managed to exfiltrate a significant amount of sensitive data, including financial records, patients' information, and personally identifiable documents. A sample of the stolen data was leaked by the attackers, but the ransom demand remains undisclosed. The attack has raised concerns about the security of Lenmed's systems and the potential impact on the affected individuals.The company provides high-quality healthcare services across South Africa, Botswana, and Mozambique, offering specialized medical disciplines and allied services.

Company Size and Industry Standing

The company has 3,353 employees and generates a revenue of $206.2 million. The company is known for its state-of-the-art facilities, highly qualified doctors, and specialist services. Lenmed has been serving communities for over 30 years and is a prominent private hospital group in Africa.

Ransomware Group Distinction

The LockBit 3.0 ransomware group, also known as LockBit Black, is a highly sophisticated Ransomware-as-a-Service (RaaS) group that has been actively recruiting affiliates and targeting a wide range of businesses and critical infrastructure organizations. LockBit 3.0 distinguishes itself by its advanced encryption capabilities, obfuscation techniques, and the ability to move laterally through a network via group policy updates, making it a formidable threat in the cybersecurity landscape.

LockBit May Attacks

This ransomware attack on Lenmed Private Hospital Group is part of the May 2024 attacks by LockBit 3.0. Following the disruption of its infrastructure in February during "Operation Cronos," LockBit resurfaced with vigor, targeting over 50 victims within hours of reactivating its platform. The group's adaptability and global reach showcase the challenges faced by law enforcement in combating cybercrime effectively. LockBit's resurgence underscores the need for enhanced international cooperation and proactive measures to counter evolving cyber threats.

Sources:

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.