Fast-food chain Subway is currently in the spotlight, not for the unveiling of a new sandwich, but for a far less appetizing reason. A recent security breach has come to light, involving a significant failure to protect the company’s data. Founded in 1965, Subway is an American company specializing in sandwiches and salads. With over 40,000 restaurants in more than 100 countries, it is one of the world’s largest fast-food franchises.
LockBit imposes ultimatum on Subway with sensitive data at stake
In a scenario worthy of a modern thriller, Lockbit claims to have exfiltrated hundreds of gigabytes of data belonging to Subway. The group claims to have stolen hundreds of gigabytes of sensitive data. The gang said the stolen data includes employee salaries, franchise royalty payments, master franchise commission payments, restaurant sales figures, and more.
This cybercriminal group gave the company an ultimatum: secure the compromised data quickly or see it sold to the highest bidder, including competitors. Lockbit announced the attack on its Tor data leak site and gave Subway a deadline of February 2, 2024 to meet their demands. In the event of non-compliance, they threaten to publicly disclose this sensitive data. Sensitive files have been encrypted and Lockbit has demanded a large crypto-currency ransom, the amount of which is currently unknown, to release them.This situation exposes Subway not only to significant financial risks but also to a potential erosion of consumer trust.
“The largest sandwich chain claims that nothing happened. We’ve exfiltrated their internal SUBS **system, which includes hundreds of gigabytes of data and every financial aspect of the franchise, including employee salaries, franchise royalty payments, master franchise commission payments, restaurant sales figures, etc. We’re giving them some time to protect this data, otherwise we’re ready to sell it to competitors,” states the message posted on a leak site on the Tor network.
While time is of the essence when it comes to cybersecurity, Subway has yet to issue an official statement regarding this alleged breach. Attempts to contact the company for verification remain unanswered, leaving uncertainty as to the reality of the cyber attack.
Lockbit: ransomware on the rise
This latest offensive against Subway is just the tip of the iceberg when it comes to the malicious activity of LockBit, a feared player in the world of cybercrime, renowned for orchestrating thousands of hacks worldwide. This criminal organization specializes in ransomware, malicious software designed to encrypt victims’ files and demand a ransom for their decryption.
The Lockbit ransomware incursion at Subway is part of a long series of actions carried out by LockBit, underlining their ability to target large companies and institutions. Their process is well-established, and typically takes place in three distinct phases: exploiting security holes to break into networks, taking control of systems, and finally, deploying the ransomware to immobilize activity and demand a ransom. The threat posed by this group is tangible and ubiquitous, making ransomware prevention and awareness essential for all businesses.
This latest attack is just one example of the ongoing threat posed by LockBit in today’s digital landscape. Their past actions against other major corporations, such as the attack on aeronautics giant Boeing andthe record ransom demanded from CDW, testify to their audacity and ability to stir up trouble within major companies and institutions.
When fast food meets cybercrime
This misadventure is reminiscent of a similar incident suffered by Yum! Brands, the parent company of KFC, Pizza Hut, Taco Bell and The Habit Burger Grill. Nearly 300 of their UK restaurants were affected by a ransomware attack. In January 2023, Yum! Brands confirmed that a ransomware attack had compromised personally identifiable information (PII). In swift response, Yum! Brands closed the affected establishments, around 300 restaurants in the UK, for one day, reassuring its customers that their personal information was safe. Immediate response measures included taking some systems offline to contain the incident and deploying enhanced monitoring technologies.
The recent LockBit ransomware attack against Subway highlights the growing vulnerability of large corporations to cybercrime. This case illustrates how security flaws can lead to dramatic consequences, jeopardizing not only the company’s financial and personal information, but also the trust and security of its customers. This situation reminds companies of all sizes of the need for constant vigilance and regular updating of their security systems to counter these increasingly sophisticated digital threats. For Subway, the road to restoring security and consumer confidence is a tricky one, underlining the crucial importance of prevention and reactivity in the face of cyber-attacks.
