[Info Numerama] Nuxe, the French cosmetics brand, was the victim of an attack carried out by the hacker collective Lockbit. This same group is responsible for the cyberattack against the Corbeil-Essonnes hospital.
New French victim for the Russian-speaking hacker gang Lockbit. The collective published this January 12, 2023 a ransom demand of around 300,000 euros against the famous cosmetics brand Nuxe. The group has until January 26 to pay the amount demanded to the criminals. A 29 GB database is currently blocked on the Lockbit darknet site. If the victim does not pay the amount in time, the hackers will probably resell the data or distribute it online.
Document captures attest to the theft of information from the French company. A subcontracted laboratory would also be affected. Note that anyone can also purchase all files upstream.
Contacted by Numerama, the Nuxe company confirmed that it had been attacked by Lockbit:
” The Nuxe group was indeed the victim of a cyberattack affecting some of its applications. Nevertheless, the immediate mobilization of the teams made it possible to restore their availability as soon as possible. We have launched an investigation to determine the full origin of this event, with the assistance of experts specialized in cybersecurity. We have filed a complaint with the public prosecutor and notified all the competent authorities. The security of our IT systems is a priority and we will continue to take all necessary measures to protect them.. »
Nuxe is one of the world leaders in natural cosmetology. The group is present in 60 countries and achieved a worldwide turnover of 275 million euros last year.
Software rented to hackers
Lockbit is one of the most prolific ransomware in the world. It received significant media attention when it was used to paralyze the Corbeil-Essonnes hospital on August 21, 2022. This malware is managed by a team of hackers who rent it out, just like Adobe provides Photoshop, by example. Hackers — pre-screened by managers — can then use the ransomware to get rich. A commission on revenue is paid to the administrators of Lockbit, around 20% on each sum paid to criminals.
The amount demanded from Nuxe is a little lower than the average ransom, which can reach several million euros depending on the victims. Cyber threat expert Azim Khodjibaev thinks Lockbit needs money quickly to protect its own site and pay developers to improve its software. The group recently demanded 250,000 euros from Datair, a company specializing in office software.