Ransomware group LockBit apologizes saying ‘partner’ was behind SickKids attack
TORONTO — A global ransomware operator issued an apology and offered to unlock the data targeted in a ransomware attack on Toronto’s Hospital for Sick Children, a move cybersecurity experts say is rare, if not unprecedented, for the infamous group.
LockBit, a ransomware group the U.S. Federal Bureau of Investigation has called one of the world’s most active and destructive, issued the brief apology on Dec. 31 to what cybersecurity experts say is the dark web page where it posts about its ransoms and data leaks.
In the statement, reviewed directly by The Canadian Press, LockBit claimed to have blocked the “partner” responsible for the attack and offered SickKids a free decryptor to unlock its data.
“As far as I’m aware, this is the first time they’ve issued an apology and offered to hand over a free decryptor,” said Brett Callow, a British Columbia-based threat analyst with anti-malware company Emsisoft who tracks ransomware attacks.