cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

Darktrace confirms LockBit never breached its systems

Following claims by LockBit that Darktrace’s systems had been compromised, cyber security firm Darktrace has stated that it has verified that its systems were never breached.

Darktrace issued the statement on Thursday last week (13 April) after the LockBit ransomware group posted a number of tweets claiming to have accessed the cyber security organisation’s systems.

“Earlier this morning, we became aware of tweets from LockBit, the cyber criminal gang, claiming that they had compromised Darktrace’s internal security systems and had accessed our data,” said the statement.

“Our security teams have run a full review of our internal systems and can see no evidence of compromise.

“None of the LockBit social media posts link to any compromised Darktrace data. We will continue to monitor the situation extremely closely, but based on our current investigations, we are confident that our systems remain secure, and all customer data is fully protected.”

The next day (14 April), the firm confirmed that its systems remained intact and that LockBit never had access.

We have completed a thorough security investigation following yesterday’s tweets by LockBit claiming they had compromised Darktrace’s internal systems,” said the chief information security officer at Darktrace, Mike Beck.

“We can confirm that there has been no compromise of our systems or any of our affiliate systems. Our service to our customers remains uninterrupted and is operating as normal and no further action is required.”

Cyber security experts are saying that LockBit had Darktrace with Darktracer, a cyber security monitoring service that had recently criticised the ransomware group for increasingly filling its list with fake data.

There is no evidence to suggest Darktracer was hit by an attack either. LockBit responded to Darktracer’s critique, saying that the mass of fake data posted to its website was test data that hackers posted while doing system maintenance.

LockBit has previously added organisations to its site as revenge. Last year, cyber security firm Mandiant was added after it released a blog post tying the ransomware group to Russian-based cyber criminal group Evil Corp, a group which is on the US government’s sanctions list and was responsible for hundreds of attacks since 2007.

There was also no evidence that Mandiant was ever breached.

Like with Darktrace and Darktracer, LockBit had also confused organisations before, after demanding £65.7 million (roughly $114.5 million) from Royal Mail, when it meant to do from parent company Royal Mail International.

user icon Daniel Croft
Mon, 17 Apr 2023
Darktrace confirms LockBit never breached its systems
expand image
Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.