American fast food chain Subway was the target of a serious cyberattack, which was made public through a post by the LockBit gang on its Tor data leak website. The ransomware group claimed responsibility for the breach, which targeted the bank of internal data and led to the compromise of confidential information, including employee salaries, franchise royalty payments, master franchise commission payments, restaurant turnover, among others.
The gang set February 2nd as the deadline for paying the data ransom and, in its message, cited a critical security breach on the part of Subway and accused it of minimizing the seriousness of the situation.
LockBit operators claim to have exfiltrated hundreds of gigabytes of data and reinforce an ultimatum: “either Subway takes action to protect the compromised data immediately or the stolen information could be put up for sale to competitors.”
In the statement, the hackers add that the cafeteria chain is pretending that nothing happened. “We exfiltrated Subs’ internal system, which includes hundreds of gigabytes of data and all financial aspects of the franchise. We are giving them time to come and protect this data; otherwise, we are open to selling it to competitors”, says the message published on the leaks website Tor.Subway has not yet commented on the alleged violation. The website Cyber Express contacted the fast food giant but received no response.
Source: CisoAdvisor
