Cybernews reports that the U.S. Federal Reserve Board had data allegedly stolen from its central banking system exposed by the LockBit ransomware operation following failed negotiations.
Included in the leaked data, which was spread across 21 links, were parent directories and torrent files, as well as compressed archives from U.S. banking-as-a-service provider Evolve Bank and Trust, which was recently subjected to a cease-and-desist order from the Federal Reserve Board following the discovery of several lapses in its risk management, consumer compliance, and anti-money laundering programs. Such a threat from LockBit was noted by HackerOne Director of Professional Services Josh Jacobson to highlight the vulnerability of government entities to ransomware attacks, which could have significant ramifications. However, Securin Lead Security Analyst Aviral Verma said that LockBit, which was the most prolific ransomware operation before being clamped down by international law enforcement earlier this year, may be bluffing with its claims. "There's suspicion that the Federal Reserve claim might just be attention seeking, or even a ploy to regain notoriety among potential affiliates," Verma added.