La Poste Mobile, a French telecommunications company with nearly 2 million customers, has become a victim of the LockBit ransomware group. The attack was carried out on July 4th, which subsequently led to La Poste Mobile taking their website offline. At the time of writing, the services on their website are still inaccessible and there is a message to their customers that is displayed. A portion of that message reads, “Our IT teams are currently diagnosing the situation. Our first analysis shows that our servers, which are essential to the operation of your mobile line, have been well protected. However, it is possible that files present on the computers of La Poste Mobile employees have been affected. Some of these files may contain personal data.” At this time, mobile services are still available, but it’s likely information was accessed by the threat actors. This in turn could cause some customers to become targets of phishing attacks. LockBit has continued to be a prominent threat since coming onto the scene in 2019. NCC Group reported in May that the LockBit ransomware group were responsible for 40% of all ransomware attacks.
La Poste Mobile should consider adopting a defense-in-depth strategy in the future. Customers of La Poste Mobile should be aware of the increased likelihood that they will be targeted in phishing attacks. Messages from unknown senders should be dealt with cautiously and attachments should not be interacted with unless they can be verified.