LockBit Claims It Hacked The US Federal Reserve

Uploaded on 2024-06-26 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Financial

The LockBit cybercrime gang has claimed to have stolen an enormous database of 33 terabytes of confidential banking data from the US Federal Reserve, which includes sensitive banking information about American citizens.  

Although these claims sound far-fetched, the ransomware gang has warned the US government of a deadline, after which the allegedly stolen data could be leaked to the public.

If confirmed, the Federal Reserve breach would be one of the biggest banking hacks in US history. Being the central banking system of the country, the Federal Reserve operates 12 banking districts in major cities such as Boston, New York, Dallas, Chicago, and San Francisco.

LockBit has put the Federal Reserve on its Dark Web leak site on Sunday 23 June 2024, along with the demand the Fed appoint another negotiator after being low-balled in the ransom mediation. “You better hire another negotiator within 48 hours, and fire this clinical idiot who values American’s bank secrecy at $50,000”, the statement read.

The information included in the 33TB cache said to have been exfiltrated from the Federal Reserve was not confirmed in the listing, only that it includes confidential information of American banking. To date, the Federal Reserve has not confirmed the truth of the information or whether it was breached at the time of writing. 

Security experts are also casting doubt over LockBit's claims. In a message on X discussing the incident, cyber security researcher Dominic Alvieri commented “someone is mad” and expressed some scepticism about how legitimate LockBit’s claims are. Alvieri noted that without any real evidence it is more likely the group is “just blowing off steam”.

Thomas Richards, principal consultant at the Synopsys Software Integrity Group, said, "The ransomware groups try to intimidate and make their notoriety bigger than it is, even with how well known and successful Lockbit has been in the past year.  A statement from them would have caused concern within the US Federal Reserve until it was proven they did not access the systems."

In March this year the US Department of State announced a reward of $15 million for information leading to the arrest and/or conviction of any individual participating in a LockBit ransomware variant attack and for information leading to the identification and/or location of any key leaders of the LockBit ransomware. In May, LockBit’s official Dark Net website was siezed and then reactivated by international law enforcement following a Russian national, Dmitry Khoroshev, being  identified as the leading figure in the cybercrime group..

LockBit is known for claiming high-profile targets, which are often dismissed by the companies involved. 

In April 2023 the group announced it had breached Darktrace, a leading AI-driven cyber security company although these claims were swiftly rebutted by the company.

@AlvieriID    |   Techradar   |    ITPro   |    CyberWire   |   HackRead    |   @LockBit_News   |   CSO Online   

You Might Also Read: 

The Ransomware Threat Landscape Is Diversifying

___________________________________________________________________________________________

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 


 

« Hacker, Spy, Or Journalist?
The Rising Threat Of Deepfakes »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Outpost24

Outpost24

Outpost24 provides easy to deploy and intuitive solutions to continuously identify, remediate and mitigate vulnerabilities in your network.

National Cyber Security Centre (NKSC) - Lithuania

National Cyber Security Centre (NKSC) - Lithuania

NKSC is the main Lithuanian cyber security institution, responsible for unified management of cyber incidents, monitoring and control of the implementation of cyber security requirements.

QATestLab

QATestLab

QATestLab is a leading International software testing company offering a full range of software testing services including security testing.

Nexusguard

Nexusguard

Nexusguard is at the forefront of the fight against malicious Internet attacks, protecting organizations worldwide from threats to their websites, services, and reputations.

RATEL (SRB-CERT)

RATEL (SRB-CERT)

RATEL has been appointed as the National Center for the Prevention of Security Risks in ICT systems of the Republic of Serbia (SRB-CERT).

Cognyte

Cognyte

Cognyte is a global leader in investigative analytics software that empowers a variety of government and other organizations with Actionable Intelligence for a Safer World.

Dhound

Dhound

Dhound is a cybersecurity company providing web application penetration testing.

SoloKeys

SoloKeys

SoloKeys provides the first open-source FIDO2 security key: Protect your online accounts against unauthorized access by using the most secure login method.

TXOne Networks

TXOne Networks

TXOne Networks offer cybersecurity solutions to protect your industrial control systems to ensure their reliability and safety from cyberattacks.

IntegraONE

IntegraONE

IntegraONE is a IT solutions provider offering a full range of networking and technology solutions.

CybersCool Defcon

CybersCool Defcon

CybersCool is committed to educate and train, re-skill and up-skill the current workforce of various industries and businesses in the knowledge and know-how of cybersecurity.

Maintel

Maintel

Maintel provides cloud and managed communications services. We help our customers to deliver exceptional customer experiences, and to securely access their applications and their data.

DIGISOC

DIGISOC

DIGISOC, a leader in Latin America in Cybersecurity solutions, combines machine learning with human intelligence to be effective in detecting cyber threats.

Techtron Business IT Services

Techtron Business IT Services

TECHTRON has been providing business IT services since 2004. Our focus is on SMBs and we are good at it. Our customers trust us, they love our high levels of service, and they love what we stand for.

Ark Infotech

Ark Infotech

Ark Infotech is a provider of cloud management services, selective support services, and technology solutions.

ReformIT

ReformIT

ReformIT is a Managed IT Service and Security provider with many years experience helping companies find the right IT solutions to meet the needs of their businesses.