The LockBit ransomware gang claims the responsibility of breaching the Commission des services electriques de Montréal (CSEM).
The CSEM is a public agency responsible for the undergrounding of electrical wires in the city of Montreal, Quebec.
CSEM confirmed the security breach that took place on August 3rd, 2023. The Canadian company confirmed that it has refused to pay the ransom.
CSEM launched an investigation into the security breach with the help of law enforcement in Quebec. The LockBit ransomware group published the stolen data on August 30, 2023.
The organizations attempted to downplay the impact of the security breach explaining that CSEM projects are the subject of public documents.
“It should be noted that all CSEM projects are the subject of public documents. Therefore, all these plans – engineering, construction, and management – are already publicly available through the official process offices in Quebec.” states the company.
This was followed by a report from Kaspersky, showing that the reported leak of the LockBit 3.0 ransomware builder has led to threat actors abusing the tool to spawn new variants They found 396 different samples based on the LockBit code.