{ "id": "5d3e53b0-7b98-4164-a268-0a358e193a46", "created_at": "2026-04-06T00:12:18.636359Z", "updated_at": "2026-04-10T03:20:43.808821Z", "deleted_at": null, "sha1_hash": "763dd6bd838ef06f8f1c7b0b1776172f2ccc5de7", "title": "LockBit claims ransomware attack on security giant Entrust, leaks data", "llm_title": "", "authors": "", "file_creation_date": "0001-01-01T00:00:00Z", "file_modification_date": "0001-01-01T00:00:00Z", "file_size": 2931302, "plain_text": "LockBit claims ransomware attack on security giant Entrust, leaks data\r\nBy Lawrence Abrams\r\nPublished: 2022-08-18 · Archived: 2026-04-05 19:02:10 UTC\r\nAugust 21th, 2022 update below. This post was originally published on August 18th.\r\nThe LockBit ransomware gang has claimed responsibility for the June cyberattack on digital security giant Entrust.\r\nLast month, BleepingComputer broke the story that Entrust suffered a ransomware attack on June 18th, 2022.\r\nhttps://www.bleepingcomputer.com/news/security/lockbit-claims-ransomware-attack-on-security-giant-entrust-leaks-data/\r\nPage 1 of 5\n\n0:00\r\nhttps://www.bleepingcomputer.com/news/security/lockbit-claims-ransomware-attack-on-security-giant-entrust-leaks-data/\r\nPage 2 of 5\n\nVisit Advertiser websiteGO TO PAGE\r\nStarting in early June, Entrust had begun to tell customers that they suffered a cyberattack where data was stolen from\r\ninternal systems.\r\n\"We have determined that some files were taken from our internal systems,\"  Entrust shared in a security notification to\r\ncustomers.\r\n\"As we continue to investigate the issue, we will contact you directly if we learn information that we believe would affect\r\nthe security of the products and services we provide to your organization.\"\r\nWhile Entrust would not share any details regarding the attack or confirm if it was ransomware, they told BleepingComputer\r\nthat they were investigating the incident.\r\n\"While our investigation is ongoing, we have found no indication to date that the issue has affected the operation or security\r\nof our products and services, which are run in separate, air-gapped environments from our internal systems and are fully\r\noperational,\" Entrust told BleepingComputer.\r\nHowever, AdvIntel CEO Vitali Kremez told BleepingComputer at the time that a well-known ransomware gang had attacked\r\nEntrust after purchasing access to the corporate network through \"network access sellers.\" \r\nLockBit claims attack on Entrust\r\nToday, security researcher Dominic Alvieri told BleepingComputer that LockBit had created a dedicated data leak page for\r\nEntrust on their website, stating that they would publish all of the stolen data tomorrow evening.\r\nEntrust page on the LockBit data leak site\r\nSource: BleepingComputer\r\nWhen ransomware gangs publish data on their data leak sites, they usually leak data over time to scare the victim into\r\nreturning to the negotiation table.\r\nhttps://www.bleepingcomputer.com/news/security/lockbit-claims-ransomware-attack-on-security-giant-entrust-leaks-data/\r\nPage 3 of 5\n\nAs LockBit states that they will publish all data, it indicates that Entrust has not negotiated with the ransomware operation\r\nor refuses to give in to their demands.\r\nHowever, LockBit claiming of the attack supports what sources had previously told BleepingComputer about who was\r\nresponsible.\r\nLockBit is considered one of the most active ransomware operations at this time, with its public-facing operation\r\n'LockBitSupp' actively engaging with threat actors and cybersecurity researchers.\r\nIn June, LockBit 3.0 was released with new encryptors based on the BlackMatter source code, new payment options, new\r\nextortion strategies, and the first ransomware bug bounty program.\r\nDue to its ongoing adoption of new tactics, technology, and payment methods, it is vital for security and network\r\nprofessionals to stay up to date on the evolution of the operation and its TTPs.\r\nUpdate 8/21/22:\r\nLockBit leaks alleged Entrust data\r\nLockBit began leaking Entrust's data Friday evening, first sharing screenshots of some of the allegedly stolen data, with the\r\nthreat actors saying they would leak further data later that evening.\r\nAlvieri, who has been monitoring the leak, told BleepingComputer that the leaked data consists of accounting and legal\r\ndocuments and marketing spreadsheets.\r\nHowever, soon after they began leaking data, the ransomware gang's Tor data leak sites went offline, with the threat actors\r\nclaiming that they are being DDoSed due to the Entrust attack.\r\nWhen BleepingComputer contacted Entrust about the leaked data, they told us that they have nothing to add to their original\r\nstatement from July.\r\nAutomated Pentesting Covers Only 1 of 6 Surfaces.\r\nhttps://www.bleepingcomputer.com/news/security/lockbit-claims-ransomware-attack-on-security-giant-entrust-leaks-data/\r\nPage 4 of 5\n\nAutomated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the\r\nother.\r\nThis whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic\r\nquestions for any tool evaluation.\r\nSource: https://www.bleepingcomputer.com/news/security/lockbit-claims-ransomware-attack-on-security-giant-entrust-leaks-data/\r\nhttps://www.bleepingcomputer.com/news/security/lockbit-claims-ransomware-attack-on-security-giant-entrust-leaks-data/\r\nPage 5 of 5", "extraction_quality": 1, "language": "EN", "sources": [ "ETDA" ], "references": [ "https://www.bleepingcomputer.com/news/security/lockbit-claims-ransomware-attack-on-security-giant-entrust-leaks-data/" ], "report_names": [ "lockbit-claims-ransomware-attack-on-security-giant-entrust-leaks-data" ], "threat_actors": [], "ts_created_at": 1775434338, "ts_updated_at": 1775791243, "ts_creation_date": 0, "ts_modification_date": 0, "files": { "pdf": "https://archive.orkl.eu/763dd6bd838ef06f8f1c7b0b1776172f2ccc5de7.pdf", "text": "https://archive.orkl.eu/763dd6bd838ef06f8f1c7b0b1776172f2ccc5de7.txt", "img": "https://archive.orkl.eu/763dd6bd838ef06f8f1c7b0b1776172f2ccc5de7.jpg" } }