Pierluigi Paganini December 23, 2023

The LockBit ransomware claims to have hacked accountancy firm Xeinadin threatens to leak the alleged stolen data.

The LockBit ransomware claims responsibility for hacking the Xeinadin accountancy firm and threatens to disclose the alleged stolen data.

Xeinadin has over 60,000 clients across the UK and Ireland. In 2021, a significant endorsement came from Exponent, one of the leading private equity investors in the UK, propelling the firm to become one of the top 20 accountancy firms in the country

The Lockbit ransomware group added Xeinadin to the list of victims on its Tor leak site.

The ransomware group claims to have stolen 1.5 terabytes of Xeinadin customer data. Compromised data include:

• Among the stolen data:
• All internal databases.
• Customer financials.
• Passports.
• Account balances.
• Accesses to personal accounts of Companies House customers of Xeinadin.
• Client legal information.
• And much more.

The gang threatens to publish the data if the company does not contact them within the deadline of 25 December 2023.

“We suggest Xeinadin management to contact us and correct their mistakes, preventing a huge leak of customer data. If in 72 hours management does not realize the severity of the situation and contact us, we will publish the legal, tax, financial and other private data of hundreds of companies from England and Ireland here.” reads the message published by the ransomware group on its Tor leak site.

The ransomware group published three screenshots showing a database scheme and the structure of the storage composing the compromised infrastructure.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, data breach)