HQ/EMEAFind out how we can help your business
In a post published by the LockBit ransomware gang on their leak site last March 25, the group claimed to have stolen critical data from an Indian financial solutions company ‘Fullerton India.’ Our iZOOlogic researchers discovered this issue upon probing the threat landscape.
Fullerton India Credit Company is a Mumbai, India-based financial solutions firm offering clients a wide range of services. The company’s services include personal loans, business loans, loans against property, two-wheeler loans, home loans, and commercial vehicle loans.
Over 600GB of company data had allegedly been stolen from Fullerton India.
According to our investigations, the LockBit group claimed to have nicked about 600GB of company data from the Indian financial solutions firm coming from a successful hack.
LockBit mentioned that those stolen data are loan agreements with individuals and legal companies, customer status and organisational accounts, agreements with financial institutions, data on international transfers, financial documents, mail correspondence on important transactions with attachments, customers’ personal information, and more others they did not reveal.
The ransomware group updated the post on April 24, highlighting that they are giving Fullerton India until April 29 to pay the ransom demands or they will leak all the stolen data online. Moreover, a range of payment options is also given to the victim company, which includes $1,000 for extending the deadline for 24 hours and $2,999,999 for the threat group to destroy all the stolen information.
Meanwhile, LockBit also allowed other interested hackers to grab the company’s data and let them download it anytime by paying $2,999,999.
The Indian financial solutions firm has yet to release a statement about this alleged hack. Their official website (fullertonindia[.]com) is also up and running per our most recent check.
Cyberattacks against Indian companies and organisations have been increasing over time. Thus, security experts fear that people’s data security and information security will continually be at risk as long as companies fail to implement stronger defence on their infrastructures.
