LockBit 3.0 Ransomware Attack on Museu Paraense Emílio Goeldi
Ransomware Attack on Museu Paraense Emílio Goeldi by LockBit 3.0
Victim Profile
The Museu Paraense Emílio Goeldi (MPEG) is a Brazilian research institution and museum located in Belém, Pará, Brazil. Founded in 1866, it is a federal research institution within the Brazilian Ministry of Science, Technology and Communication (MCTIC). The museum's primary focus is on the scientific study of natural and sociocultural systems in the Amazon area, contributing to the cultural memory and regional development of the region.
Company Size and Standout
The MPEG has a significant presence with a 5.4-hectare zoological and botanical park, a 10-hectare research campus, and a scientific station in the Caxiuanã national forest. It is the oldest scientific institution in the Amazon area, dedicated to the scientific study of natural and socio-cultural systems in the region.
Attack Details
The cyberattack on the Museu Paraense Emílio Goeldi by LockBit 3.0 resulted in the exfiltration of 2 GB of sensitive data, including personally identifiable information (PII) and financial data. The attackers utilized ransomware as their attack technique, encrypting files, modifying filenames, changing desktop wallpaper, and dropping a ransom note on the victim's desktop.
Industry Vulnerabilities
Being a prominent research institution, the organization holds valuable data related to biodiversity, natural sciences, and cultural heritage. This makes them a prime target for threat actors seeking to exploit sensitive information for financial gain or malicious purposes.
Ransomware Group Distinction
LockBit 3.0, also known as LockBit Black, is a Ransomware-as-a-Service (RaaS) group that has been actively recruiting affiliates and targeting a wide range of businesses and critical infrastructure organizations. It is considered one of the most dangerous and disruptive ransomware threats currently active, with advanced features that make it harder to detect and defend against.
Sources:
See Halcyon in action
Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!