The LockBit ransomware gang is claiming an attack on submarine sandwich slinger Subway, alleging it has made off with a platter of data.
LockBit’s post to its leak blog, published on January 21, suggests one of its affiliates breached Subway’s database, stealing sensitive data on “All financial aspects” of the fast food franchise.
“We exfiltrated their SUBS internal system which includes hundreds of gigabytes of data and all financial [aspects] of the franchise, including employee salaries, franchise royalty payments, master franchise commission payments, restaurant turnovers etc,” LockBit alleges.
The last line here suggests LockBit is giving Subway some time to mull the demands that it has almost certainly communicated to the company.
It’s not clear whether ransomware was involved or if the criminals’ claims are solely related to data theft and extortion, as ransomware gangs have been increasingly “Pivoting” to this in the last few years.
From intel gathered in 2023, LockBit established clear guidelines on ransom demands and how generous a discount its affiliates are allowed to offer before walking away from the table.