November 28, 2023 at 12:29PM
The LockBit 3.0 ransomware group successfully encrypted files and allegedly stole data from Egyptian e-payment provider Fawry. Personal details of Fawry customers were said to have been extracted, leading to banks advising customers to remove their account information. Fawry remains confident that financial transactions will not be impacted, but leaked information includes addresses, phone numbers, and dates of birth. Group-IB was called in to investigate and declared the server infrastructure clean of LockBit presence. Some experts praise Fawry’s proactive response, while others criticize the limited information provided.
Meeting Takeaways:
– The LockBit 3.0 ransomware group successfully encrypted files and allegedly extracted data from Fawry, an Egyptian e-payment provider.
– LockBit published a sample of the stolen data on Nov. 8, and Hackmanac reported that personal details of Fawry customers were compromised.
– Fawry stated that financial transactions on its platform would not be affected, but admitted that personal details of some customers, including addresses, phone numbers, and dates of birth, were leaked.
– Group-IB was brought in to investigate the incident and declared Fawry’s server infrastructure clean of LockBit on Nov. 23.
– Anurag Gurtu acknowledges Fawry’s proactive response in employing a cybersecurity firm to investigate the attack and advises other financial entities to take precautionary measures.
– Sumatra Sarkar criticizes Group-IB and Fawry for the limited information released, making it challenging to assess the adequacy of their response.