Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
On February 8, the LockBit ransomware group claimed to have stolen substantial customer data from cryptocurrency exchange PayBito. PayBito is a cryptocurrency exchange operated by HashCash, a global blockchain, and IT services company. Some of the stolen data is published on the group's Tor leak site. In this cyberattack, the ransomware group successfully stole a database containing personal data information from more than 100,000 customers worldwide. In addition, the group also stole some email data and password hashes, some of which can easily be decrypted. To make matters worse, the gang also managed to steal the administrator's personal data, claiming that the stolen data would be released on February 21, 2022, if the ransom is not paid. Attack method (per SlowMist): Ransomware. Reported loss: -.
- chain
- —
- protocol
- PayBito
- bug_class
- unknown
- date_occurred
- 2022-02-08
- loss_usd
- —
- source_id
- sm:paybito::2022-02-08