In a concerning turn of events, LockBit ransomware gang has set its sights on CDW Corporation, a provider of technology products and services for business, government and education.
The alleged CDW data breach claim was made on their dark web channel, accompanied by a deadline set by the hacker collective to escalate their threats against the company.
According to LockBit ransomware gang’s announcement, they claim to have successfully carried out the CDW data breach and posted a message on their dark web portal.
The message read, “UNTIL FILES 16D08H42M10S.” Translating the message reveals a countdown of just over 16 days. As of our last check, the publication deadline is September 21, 2023, 00:27:26 UTC. 
CDW data breach explained: LockBit ransomware gang behind attack!

The CDW data breach claims are pressuring as the declaration of LockBit ransomware is crystal clear: “ALL AVAILABLE DATA WILL BE PUBLISHED!
The threat actor has previously employed this technique to pressure other victims in their cyber onslaught.
However, they have not shared the exact names of the files and folders in this CDW data breach. To add more suspicion to their claims, the CDW website is in operation and shows no sign of the attack. 
CDW Corporation, a Nasdaq-listed entity, stands as a prominent multi-brand provider of information technology solutions.
It caters to a diverse clientele, including businesses, government agencies, educational institutions, and healthcare providers in the United States, the United Kingdom, and Canada. 
While there is no record of a specific CDW data breach in the past, the company has not been immune to controversies.
Contour Data Solutions had initiated legal action against CDW, Gridforce, and NAES, alleging the theft of intellectual property. Contour contends that CDW’s involvement in a ‘lift and shift’ operation constituted the unlawful acquisition of their IT system.
The Cyber Express has reached out to CDW for insights into the current CDW data breach threat by the LockBit ransomware gang. We are yet to receive an official response or statement from CDW.
The LockBit ransomware gang’s notorious past
The LockBit ransomware gang is no newcomer to the world of cyber threats. Just last month, this formidable ransomware gang struck seven victims, leaving a trail of havoc in its wake.
Among the victims were UK-based Zaun, a manufacturer of metal fences, as well as the DIFC courts in Dubai, which handle business and civil disputes.
In addition, two law firms, Siam Premier in Bangkok and Luterkort in Sweden, both fell victim to LockBit ransomware gang’s relentless ransomware spree.
The LockBit ransomware gang is a notorious ransomware-as-a-service (RaaS) group that emerged in September 2019. Operating on a profit-sharing model, LockBit offers its encryption services, including variants like .abcd, LockBit 1.0, LockBit 2.0, LockBit 3.0, and LockBit Green, to affiliates who target organizations.
The group frequents hacking forums like Exploit and RAMP, maintaining a ransomware leak site where they expose victim data.
Originally known as “ABCD” ransomware, the LockBit ransomware gang transitioned to RaaS in January 2020. They established a dedicated website in September 2020 for announcing attacks and disclosing data of non-compliant victims. 
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.