LockBit ransomware claimed responsibility for a cyberattack on Essendant, a wholesale distributor of office products after a “significant” and ongoing outage took the company’s operations offline.
As reported earlier per BleepingComputer, the widespread outage of Essentant’s network prevented the placement or fulfillment of online orders, and impacted both the company’s customers and suppliers. Cargo carriers have also been asked to suspend all pick-ups until further notice.
Since our report was published, BleepingComputer has received multiple tips from Essendant employees and/or customers, with some alleging it was a ransomware attack.
These tips included the many outage reports shared with customers, anyone who told BleepingComputer they were frustrated with the lack of transparency of the society.
The prolonged outage led to speculation of a “hack” among Essendant customers, some of whom were unable to complete their work:
I think they got hacked
— Braves, Bulldogs, Hawks, Hawks, Freedom (@KTrill311) March 9, 2023
The fact that I have not been able to do my job for most of this week is unacceptable. @Essentant
— Derek (@DerekHasSeaLegs) March 9, 2023
“Network outage” is ransomware
Since March 14, the LockBit ransomware gang has claimed responsibility for the cyberattack against Essendant.
“Edit a [sic] recovery company and try again,” the malicious Essendant actor mocks on his leaked site:
The “significant” outage in Essendant would have started on the evening of Monday March 6, 2023.
In a previous update, the wholesale distributor acknowledged that the “outage” prevented its customers from placing orders or contacting customer service, and advised suppliers to suspend shipments. The company, however, made no mention of a cyberattack in the public update or in its statement to BleepingComputer.
In a revised note published today– After LockBit’s claim, the company talks about its ongoing recovery efforts, including a “cleanup” of systems that is coming to an end. The last message always pins disruptive events to a “network outage”.
Essendant isn’t the only victim claimed by a ransomware group as it battles multi-day outages.
In February, LockBit claimed responsibility for the cyberattack on Royal Mail in the UK – around the same time the courier delivery service’s online tracking was facing a prolonged outage and the company’s international shipping operations were halted.
Fifteen days ago, Dish Network also confirmed that it was a ransomware attack that caused its multi-day outage.
In September last year, Holiday Inn’s parent company, InterContinental Hotels Group has faced network disruptions only for LockBit to claim it was behind the attack a few days later.