The notorious LockBit ransomware group has allegedly claimed the Sabre Insurance data breach, as revealed by cyber threats on their official data leak site. The group has issued an ultimatum, threatening to release the company’s data on November 30, 2023. 
The Sabre Insurance data breach comes at a delicate time, coinciding with the recent passing of Andy Pomfret, the Non-Executive Chair of Sabre Insurance Group plc, on November 18, 2023. 
Sabre Insurance Data Breach
Source: Twitter
LockBit ransomware group is employing its well-established method of extortion, presenting Sabre Insurance Company with three significant ultimatums. For a payment of $10,000, the threat actors offer a 24-hour extension before the data release. Alternatively, for a hefty sum of $900,000, the stolen data will be permanently destroyed. Strikingly, the same amount also provides the option for the organization to redownload their compromised data.
The threat actor has set a deadline of November 30, 2023, amplifying the urgency for Sabre Insurance Company to respond effectively before the publication of their sensitive data. The looming deadline adds a layer of complexity, considering the recent loss of Andy Pomfret, a key figure in the company’s leadership.
In the wake of Andy Pomfret’s passing, Rebecca Shelley, the Senior Independent Director, steps into the role of acting Chair. This leadership transition further underscores the challenges faced by Sabre Insurance Company both in terms of the impending Sabre Insurance data breach and the loss of a guiding force within the organization.
Sabre Insurance data breach and LockBit surge in activities
The Cyber Express sought to verify the claims of the Sabre Insurance data breach by reaching out to the company for an official statement or response. As of the time of writing, no official communication has been received, leaving the claims unverified and the company’s stance on the matter unclear.
The LockBit ransomware group, formerly known as “ABCD” ransomware, has evolved into a formidable threat in the landscape of extortion cyberattacks. Operating as a ‘crypto-virus,’ it targets primarily enterprises and government organizations rather than individuals. The ransomware, which originated in September 2019 as the “.abcd virus,” has targeted organizations globally, including the United States, China, India, Indonesia, Ukraine, and several European countries like France, the UK, and Germany.
LockBit ransomware strategically selects targets likely to feel compelled to pay a substantial sum to mitigate the disruption, often resulting in widespread attacks against large enterprises across various sectors, from healthcare to financial institutions. Notably, the ransomware appears to avoid systems within Russia and other Commonwealth of Independent States, presumably to evade prosecution in those jurisdictions.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.