The LockBit ransomware gang has claimed responsibility for the cyberattack on ION Group, a UK-based software company whose products are used by financial institutions, banks, and corporations for trading, investment management, and market analytics.
On January 31, 2023, the firm disclosed the incident in a short statement saying that it impacted ION Cleared Derivatives, a division of ION Markets.
“ION Cleared Derivatives, a division of ION Markets, experienced a cybersecurity event commencing on 31 January 2023 that has affected some of its services,” the company.
However, the attack had a deeper impact as large customers using ION Group’s services in United States and Europe were forced to switch to manual processing of the trades, causing significant delays.
Global trading organization FIA has published a statement on the issues that have arisen, saying it’s working with impacted members to assess the situation.
Today, LockBit ransomware has added ION Group to the list of victims on its data leak site. The hackers claim to have stolen data during the intrusion and threaten to publish the files on February 4.
If the ransomware actors hold any data from ION Group, leaking it publicly might expose sensitive information of large investors, causing significant damage to them and their organizations.
BleepingComputer has contacted ION Group to request more details about the findings of their internal investigation and whether LockBit’s claims hold any truth, and we will update this story as soon as we receive a response.