The LockBit ransomware gang claimed responsibility for the cyberattack against ION Group, a UK-based software company whose products are used by financial institutions, banks and corporations for trading, investment management and market analysis. market.
On January 31, 2023, the company disclosed the incident in a brief statement indicating that it impacted ION Cleared Derivatives, a division of ION Markets.
“ION Cleared Derivatives, a division of ION Markets, experienced a cybersecurity event beginning January 31, 2023 that affected some of its services,” the company said.
“The incident is limited to a specific environment, all affected servers are offline and service remediation is in progress. Further updates will be released as they become available” – ION Group
However, the attack had a deeper impact, as large customers using ION Group’s services in the United States and Europe were forced to switch to manual transaction processing, which caused significant delays.
Global trade organization FIA issued a statement on the issues that have arisen, saying it was working with affected members to assess the situation.
We are working with affected members, including clearing houses and exchanges, as well as market regulators and others, to assess the extent of the impact on trading, processing and clearing.
The FIA is coordinating communication and information sharing, through regular calls with affected parties, assessing affected companies, how companies can work together to mitigate disruption and seeking to clarify concerns about obligations regulations and relevant reports. – FIA
Today, LockBit ransomware added ION Group to the list of victims on its data leak site. The hackers claim to have stolen data during the intrusion and are threatening to release the files on February 4.
If ransomware actors have ION Group data, disclosing it publicly could expose sensitive information of large investors, causing significant harm to them and their organizations.
BleepingComputer has contacted ION Group to request more details on the findings of their internal investigation and whether LockBit’s claims are true, and we will update this story as soon as we receive a response.