Thales position on LockBit 3.0
At this stage, on November 11, 2022, at 3pm (CET time) Thales is able to confirm the following information:
• On November 10, 2022, an extortion and ransomware group (LockBit 3.0) released on its publication platform data pertaining to Thales Group.
• At this stage, Thales is able to confirm that there has been no intrusion of its IT systems.
• Thales security experts have identified one of the two likely sources of the theft, which has been confirmed through the user account of a partner on a dedicated collaboration portal. This has led to the disclosure of a limited amount of information.
• Thales continues to investigate the other source of theft.
• Thales reiterates that, as of now, there is no impact on the Group’s operations.
• Thales is working closely with its partner and is providing all of the necessary technical support and resources to minimise any potential impact to concerned customers and stakeholders.
• The Group remains vigilant towards any data theft, systematically mobilising our teams of security experts, as data security of any of our stakeholders is our utmost priority.