Was Department of Justice data stolen by the LockBit 2.0 group? In any case, this is what he claims. For a few days, the blog of these hackers has displayed the “justice.fr” site on its hunting board, with the promise to publish 9,859 files within 13 days if the requested ransom is not paid. The “justice.fr” site is a portal dedicated to litigants, where they can find practical information and advice and take legal action online. He also has a “personal space” to manage his current files.
Is the hackers’ claim true? Apparently, they were quite successful in getting a foothold in part of the department’s information system. The journalist Emile Marzolf confirms, based on an internal source, that a cyberattack has indeed taken place. But its extent and impact are not yet known. The ministry has “immediately organized to carry out the necessary checks, in conjunction with the competent services in this field”i.e. ANSSI.
an attack “unprecedented in its intensity”
The Ministry of Justice is not the only French target that the LockBit 2.0 group is currently demanding a ransom from. On the blog, we also find the city of Saint-Cloud and the company ESTPM (Etudes Services Travaux Parisiens et Matériaux), with respectively 7,961 and 3,778 allegedly stolen files. For its part, the city of Saint-Cloud confirmed the cyberattack.
“Thursday night [20 janvier] See you Friday [21 janvier], the computer systems of the City of Saint-Cloud were the subject of an organized cyberattack. This type of attack, unprecedented in its intensity, could not be avoided despite the reinforced security measures applied on a daily basis to protect the data and the integrity of the computer resources connected and installed on the City’s computer systems (… ) Currently, municipal agents do not have access to all of their working documents as well as to the printers and scanners located in the departments; Internet access is very limited. »can have read in a communicated.
There is, for the moment, no communication from ESTPM. But since the website is currently unavailable, it seems that there has indeed been a malicious technical incident. Thales had also been targeted by LockBit 2.0. However, the French group’s information system was not hacked. The hackers only managed to get their hands on code files deposited on GitLab.
Also see video:
Anyway, these different actions prove that LocktBit 2.0 hackers are very on the lookout and jump on anything that moves. System administrators have an interest in verifying their access.