French defense and technology group Thales confirmed that data relating to the group has been released on the dark web via the publication platform of LockBit 3.0, an extortion and ransomware group.
Thales’s experts have identified one of two likely sources of the data theft and are continuing to investigate the other source of theft. As of November 11, the company affirmed that there has been no intrusion of its IT systems and there is no impact on its operations.
“The Group remains vigilant towards any data theft, systematically mobilizing our teams of security experts, as data security of any of our stakeholders is our utmost priority,” read an excerpt from the company’s statement.
This is the second time this year — the first being earlier in January — that the French company has been the victim of compromised data sharing. At the time of writing, no ransom demand has been reported from Lockbit 3.0.
According to the 2022 Thales Cyberthreat Handbook, the increasing number of organizations that agree to pay a ransom to retrieve their data plays a crucial role in guaranteeing the lucrative nature of this malicious cyber activity. In 2021, 32% of the organizations targeted by a cyberattack agreed to pay a ransom to the hackers, with one hacker group managing to extort 180 million euros from a single cyberattack.