cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

LockBit ransomware attack on UK financial firm has global repercussions

Russian-affiliated ransomware operator LockBit has set its sights on an Irish financial services and trading company, with the impact affecting derivatives traders in the United States and Europe.

user icon David Hollingworth
Fri, 03 Feb 2023
LockBit ransomware attack on UK financial firm has global repercussions
expand image

The Ion Group specialises in the automation of financial services, with treasury and commodity products across a vast range of industries. According to Bloomberg, the attack has impacted 42 Ion Group clients, forcing them to process trades manually.

Ion has issued a statement, but it’s hardly illuminating at this stage.

“ION Cleared Derivatives, a division of ION Markets, experienced a cyber security event commencing on 31 January 2023 that has affected some of its services,” Ion said. “The incident is contained to a specific environment, all the affected servers are disconnected, and remediation of services is ongoing. Further updates will be posted when available.”


However, global trading company FIA has been a bit more illuminating.

“FIA is aware of network issues caused by a cyber incident on certain ION Group systems which are impacting the trading and clearing of exchange traded derivatives by ION customers across global markets. We are working with impacted members, including clearing firms and exchanges, as well as market regulators and others, to assess the extent of the impact on trading, processing, and clearing,” FIA said in their own statement.

“FIA is coordinating communication and information sharing, through regular calls with relevant parties assessing the firms impacted, how firms can work together to mitigate the disruption and seeking clarity over concerns about affected regulatory obligations and reporting.”

After the 31 January attack, LockBit posted notice of the breach on its own leak site on 2 February, and a ransomware note is circulating, threatening to publish the stolen files on 4 February.

Otherwise, details of the hack are light at the moment. We have contacted the Ion Group for more details.

David Hollingworth

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.

cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.