Data relating to Thales, whose LockBit 3.0 group had claimed the theft, was put online on the dark web on Thursday, we learned on Friday from the defense and technology group, for which there is “ no impact on its activities. “On November 10, 2022, an extortion and ransomware group (LockBit 3.0) released data relating to Thales on its platform,” said the latter in a statement, confirming information from franceinfo.
There is “no intrusion” into the group’s information systems, said Thales, who mentions “two probable sources of information theft”. The first has been identified: it is the “account of a partner on a dedicated exchange portal” set up with Thales, according to the group, for whom this led to the disclosure of a “limited” volume. information. Investigations to identify the other source of the theft are continuing.
Minimize potential impact on customers
“Thales works closely with the relevant partner and provides the necessary resources and technical support to minimize any potential impact on customers and affected stakeholders,” adds the company.
The Russian-speaking group LockBit 3.0 disrupted the operation of the South Francilien Hospital Center (CHSF) in Corbeil-Essonnes by launching a spectacular cyberattack in August. He demanded a ransom of $10 million and then released patient, staff and partner data.
No ransom demand
For the attack on Thales, the hackers threatened to publish “all available data” on November 7, documents they said were “very sensitive, confidential, high risk”, citing the functioning of the company, commercial documents, accounting records, customer files, software. Thales says it has “not been the subject of any genuine ransom demand”.
The announcement of the disclosure of stolen data seemed to alarm investors: the Thales share price was down 7.57%, to 113.55 euros, late Friday afternoon on the Paris Stock Exchange , in a rising market.