Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

Subway reportedly hit by LockBit ransomware - but is it half-baked speculation?

Representational image depecting cybersecurity protection.

Subway has allegedly suffered a data breach at the hands of none other than the notorious LockBit ransomware gang.

According to The Register, the ransomware-as-a-service provider added the sandwich makers to its data leak site earlier this week after one of its affiliates made away with gigabytes of sensitive data.

"We exfiltrated their SUBS internal system which includes hundreds of gigabytes of data and all financial [aspects] of the franchise, including employee salaries, franchise royalty payments, master franchise commission payments, restaurant turnovers etc," LockBit stated. "We are giving some time for them to come and protect this data, if no[t], we are open to sell to competitors."

No comment

In other words, demands were sent Subway’s way, and the affiliate that breached it is now waiting for a response.

At the same time, Subway is giving everyone the silent treatment. Maybe the company tried to keep the news quiet, and maybe it wasn’t even aware of the attack until LockBit boasted about it.

"The biggest sandwich chain is pretending that nothing happened," the group apparently said. 

Subway has allegedly told media sources it is investigating the claims of the breach. If you were wondering how it could be possible that a company wasn’t aware of a ransomware attack (given its disruptive potential) - hackers have started skipping the encryption part and moving straight to the part where they steal the data.

This is a relatively new development that started occurring in the past couple of years. Apparently, building, developing, maintaining, and deploying ransomware on the target system became too cumbersome. Also, with companies getting better at backing up their data and defending from infections, in some instances insisting on the encryptor simply isn’t worth it. Instead, the threat actors would just steal the data and demand money in exchange for not leaking it to the public. 

More from TechRadar Pro

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.