Envision Credit Union in Tallahassee may have been the most recent victims of LockBit 2.0, according to Datminr. Research from Datminr revealed that LockBit 2.0 threatened to release data they had stolen today. Media source the Tallahassee Democrat reached out to the credit union to ask questions about the validity of the attack, and this is what they got back, “Envision Credit Union recently began experiencing technical difficulties on certain systems, despite extensive security measures in place. We are taking all appropriate steps to respond to the event, including isolating impacted systems, conducting an investigation with the assistance of third-party computer specialists into the nature and scope of the event, and notifying law enforcement. We want to assure the public that at this time, none of our members’ funds have been put at risk by this event, and no member-facing computer systems have been affected. We are working to ensure the continued privacy of members’ account information.” It appears they’ve all but confirmed that the attack happened, and that could change soon if information is released.
Depending on if a LockBit 2.0 attack is officially confirmed, Envision should consider increasing its security measures. To better protect themselves, Accenture should consider combining an anti-virus solution with endpoint monitoring. At Binary Defense our dedicated analysts in the Security Operations Center (SOC) will monitor endpoints on a 24/7 basis for any signs of intrusion and work with or clients to mitigate the attack before it becomes a more siginificant issue.