File this one under “speculative”.
LOCKBIT 3.0 has made a statement on their site that they have breached GaP Solutions and will release the data on the 20th March.
So the clocks running on this one and we will find out more details soon. I will update this article when (if) anything more is known.
Impact
None so far
Details
Minimal so far. They have definitely been breached, but to what extent and what was taken won’t be learnt until the 20th March.
Communication
CyberDailyis reporting that GaP Solutions provided the following statement.
“We are aware of online claims that there has been unauthorised access by an unknown third party to some of our internal data systems,”
“As soon as we became aware of these claims, we engaged external cyber security experts to assist us with our investigation and to determine whether GaP Solutions internal data has been impacted.”
“We want to reassure our valued clients that this incident relates to our internal systems and has not affected our customer cloud services in any way,” GaP said. “Their data and services remain secure and unaffected by this issue.”
Opinion
The statement released by GaP Solutions is a little odd, or perhaps not well worded. The line “…this incident relates to our internal systems…” doesn’t mesh with their comment that this is simply an “online claim”.
I suspect they have had a breach in a back end system and are emphasising that customer data was not taken, while not confirming their internal data was.