The ransomware attack hit the virtual mobile telephone operator La Poste Mobile on July 4 and paralyzed administrative and management services.
The company pointed out that threat actors may have accessed data of its customers, for this reason it is recommending them to be vigilant. The company highlight the risks of identity theft or phishing attacks in case their data have been compromised.
“The administrative and management services of La Poste Mobile fell victim, on Monday July 4, to a malicious ransomware-type virus. As soon as we became aware of this incident, we took the necessary protective measures by immediately suspending the computer systems concerned. This protective action has led us to temporarily close our website and our customer area,” reads a statement published by the company on its website that is still down. “Our IT teams are currently diagnosing the situation. Our first analyses establish that our servers essential to the operation of your mobile line have been well protected. On the other hand, it is possible that files present in the computers of La Poste Mobile employees have been affected. Some of them may contain personal data.”
For any additional information concerning personal data, customers can contact La Poste Telecom customer service at the following address: [email protected]
Who is behind the attack?
The Lockbit ransomware operation added the name of La Poste Mobile on its leaksite overnight from Thursday to Friday.
The gang has been active since at least 2019 and today it is one of the most active ransomware gangs. Recently, the Lockbit ransomware operation has released LockBit 3.0, which has important novelties such as a bug bounty program, Zcash payment, and new extortion tactics.
Recent incidents attributed to the group include attacks on a Foxconn factory, a Canadian fighter jet training company, and a popular German library service.
Follow me on Twitter: @securityaffairs and Facebook
|[adrotate banner=”9″]||[adrotate banner=”12″]|
(SecurityAffairs – hacking, ransomware)