Ransomware Attack on The County Group by LockBit 3.0

Incident Date: May 16, 2024

Attack Overview

VICTIM

The County Group UK Brokers

INDUSTRY

Insurance

LOCATION

United Kingdom

ATTACKER

Lockbit

FIRST REPORTED

May 16, 2024

Request Removal

Ransomware Attack on The County Group by LockBit 3.0

Victim Overview

The County Group, a UK-based insurance broker, fell victim to a cyberattack by LockBit 3.0 ransomware group. The company operates in the insurance sector, providing various insurance products and services to individuals and businesses in a specific county or region. The County Group is known for its focus on "bringing insurance back to the community" by offering a traditional personal service combined with modern and forward-thinking approaches.

Company Size and Standout Features

The County Group has over 300 employees and generates revenue exceeding £100 million in Gross Written Premium (GWP). The company has experienced significant growth through acquisitions and branch expansions, establishing a strong presence in the industry. It is part of Brown & Brown, Inc., one of the world's largest insurance broking businesses.

Attack Overview

LockBit 3.0, a Ransomware-as-a-Service (RaaS) group, targeted The County Group's website, encrypting its data with the intention of extorting a ransom for its release. The attack involved file encryption, modification of filenames, changes to desktop wallpaper, and the deployment of a ransom note on the victim's desktop. LockBit 3.0 is known for its advanced capabilities, including lateral movement through networks and data deletion to cover its tracks.

Ransomware Group Details

LockBit 3.0, also known as LockBit Black, is a new variant of the LockBit ransomware that emerged in 2022. It is considered one of the most dangerous and disruptive ransomware threats currently active. The group operates under a Ransomware-as-a-Service model, recruiting affiliates to expand its reach and target a wide range of organizations globally.

Company Vulnerabilities

The County Group's size, revenue, and industry presence make it an attractive target for threat actors like LockBit 3.0. Its extensive network, client data, and financial transactions could be compromised in a ransomware attack, leading to significant operational and financial disruptions.

Sources:

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.