The LockBit ransomware gang claims to have attacked submarine sandwich chain Subway and to have made off with a large amount of data.
A LockBit leak blog post published on January 21 alleges that one of the group’s affiliates infiltrated Subway’s database and stole sensitive data about “all financial aspects” of the fast food franchise.
“The largest sandwich chain is pretending nothing happened,” the perpetrators said, underscoring the silence of the company’s official channels.
The details of the incident are still mere speculation at this point. The company has not responded to our request for a new statement, but has told a wide range of media outlets that it is currently investigating the validity of the claims. As of this writing, no data had been published.
“We stole SUBS internal systems, including hundreds of gigabytes of data and all financial information [aspects]. Franchise amounts include employee salaries, franchise royalty payments, master franchise commission payments, restaurant sales, etc.,” LockBit claims.
“If not, we’ll give them some time to come and secure this data. [t], our company welcomes sales to competitors.”
The last line here suggests that LockBit is giving Subway time to consider the request it is almost certainly passing on.
It is unclear whether ransomware was involved or whether the criminals’ claims relate only to data theft and extortion, an approach that ransomware groups have increasingly focused on in recent years.
A recent deep dive into LockBit’s inner workings revealed a revamp of how it works with victim incident response teams. Part of the reason is that its affiliates were caving in to victim organizations and failing to secure the expected ransom payment.
According to information collected in 2023, LockBit has established clear guidelines for ransom demands and for how generous a discount affiliates can offer before walking away from the table.
Because Subway isn’t a publicly traded company, it doesn’t release revenue statistics as regularly as some fast-food competitors. LockBit calculates ransom demands based on a percentage of the victim’s annual revenue, but the percentage in this case is less specific than in other attacks.
Without official numbers, LockBit may make its own estimates or base its calculations on open-source numbers, which vary widely depending on the source. In any case, given historical cases of large companies, the amount requested will likely be in the tens of millions of dollars.
It remains to be seen how this incident will play out, but if Subway still takes security as seriously as it did when developing its Android apps, then the company’s hardcore security geeks might be willing to pay the ransom. They may choose labor-intensive recovery and rebuilding.
A teardown of the company’s Android app in 2015 revealed that its developers and security team applied security measures only found in high-end banking apps. ®