ION Trading, a financial service company from the UK, was the latest victim of a ransomware attack that forced traders to manually process trades. The LockBit ransomware gang has claimed responsibility.
The incident is said to have been contained to a specific environment, affected servers disconnected and the remediation of services is underway.
The attack has left scores of brokers unable to process derivatives trades, with attempts to remediate the situation possibly taking days.
ION didn’t disclose the form of attack, but LockBit has claimed responsibility for the attack on its dark web leaks site. The listing doesn’t provide details on how LockBit gained access to ION’s network, but the ransomware gang is threatening to release all the data it stole from the company on Feb. 4 if demands aren’t met.
The leaked data may include sensitive information. Notable ION customers that may be affected by the data theft include ABN Amro Bank N.V. and Italy’s largest bank Intesa Sanpaolo s.P.A.