Due to an alleged ransomware attack by the notorious LockBit ransomware gang, the multinational fast-food restaurant giant Subway is facing a potential PR nightmare. Reports suggest Subway’s systems were exploited by the LockBit gang, known for its aggressive modus operandi.
After the LockBit ransomware organisation claimed to have breached Subway's internal SUBS systems and stolen an abundance of data, the firm launched an investigation. The ransomware-as-a-service provider listed the company on its data leak website, claiming that one of its affiliates took gigabytes of critical details.
LockBit indicated that it is allowing the company some time to preserve the data, "which includes hundreds of gigabytes of data and all financial of the franchise, including employee salaries, franchise royalty payments, master franchise commission payments, restaurant turnovers, etc." If Subway does not, the notorious outfit plans to sell it to competitors.
The message was posted on January 21, and the criminals gave Subway until February 2 to pay the extortion demand. However, Subway's spokesperson states that the company is still investigating the hackers' claims.
LockBit is one of the most active ransomware groups, having targeted thousands of organisations. US authorities claimed in June 2023 that the LockBit gang had targeted 1,700 companies in the US since 2020, collecting more than $90 million in ransom.
Many people were surprised to learn that Subway was unaware of the ransomware attack. However, this is not surprising given that hackers are increasingly focusing on data theft rather than ransomware encryption, since developing, creating, maintaining, and delivering ransomware has become too difficult. Companies have significantly improved their data backup and defence systems; as a result, criminals steal data and demand payment for not releasing it publicly.
It is worth mentioning that Subway has 20,000 stores worldwide and over 400,000 employees, so the data leak might have long-term consequences for its customers if it goes ahead. To protect yourself from online risks, avoid clicking links or opening attachments, use strong passwords, enable two-factor authentication, keep software and operating systems up to date, and invest in reliable antivirus and anti-malware software. Adequate cyber hygiene is the best approach to fighting cybercrime.