U.S. multinational fast food chain Subway had its internal system claimed to be compromised by the LockBit ransomware operation, resulting in the theft of a trove of sensitive financial information, The Register reports.
Hundreds of gigabytes of data were exfiltrated from Subway's SUBS system, including franchise royalty payments, restaurant turnovers, master franchise commission payments, and employee salaries, according to LockBit, which has threatened to sell the stolen data should the fast food chain refuse to enter negotiations.
"We are giving some time for them to come and protect this data, if no[t], we are open to sell to competitors," said LockBit.
No further specifics on whether the attack involved ransomware or only data extortion were provided, the latter of which has gained traction among ransomware operations. Meanwhile, Subway noted that an investigation into the alleged LockBit ransomware attack has begun but no public disclosure of the intrusion has been made.