LockBit Ransomware Hack: What Caused the Data Breach?

Nynu V Jamal
May 8, 2025
Why Trust CoinGape
CoinGape has covered the cryptocurrency industry since 2017, aiming to provide informative insights to our readers. Our journal analysts bring years of experience in market analysis and blockchain technology to ensure factual accuracy and balanced reporting. By following our Editorial Policy, our writers verify every source, fact-check each story, rely on reputable sources, and attribute quotes and media correctly. We also follow a rigorous Review Methodology when evaluating exchanges and tools. From emerging blockchain projects and coin launches to industry events and technical developments, we cover all facets of the digital asset space with unwavering commitment to timely, relevant information.

Highlights

  • LockBit ransomware has been hacked, resulting in the public exposure of the team's illegal practices.
  • The leaked data includes 60,000 BTC addresses, negotiation chats, and admin credentials.
  • Security researcher Michael Gillespie posited that the data breach occurred due to a lack of proper security measures.

In a significant blow to the notorious LockBit ransomware gang, a massive hack exposed sensitive internal data, including details of 60,000 Bitcoin addresses. This data breach follows recent law enforcement efforts to disrupt the gang’s operations, potentially crippling their ability to carry out further crimes.

Notably, the exposed data includes negotiation chats, admin credentials, and wallet addresses. These critical documents are now publicly available, providing insights into LockBit’s operations.


LockBit Ransomware Gang Data Breach: Details

LockBit’s dark web affiliate panel was recently compromised, resulting in a complete defacement and exposure of sensitive data. The incident was first uncovered by the threat actor, Rey, who wrote on X, “LockBit just got pwned.” Following the breach, the admin panels show a message instead of the usual login screen:

“Don’t do crime. CRIME IS BAD. xoxo from Prague”

Along with this message is a link to a downloadable archive, paneldb_dump.zip, which contains a MySQL dump of LockBit’s affiliate portal.

Inside the LockBit Ransomware Database

The breached database contains 20 tables that reveal the platform’s operations. It includes about 60,000 unique Bitcoin addresses, individual builds created by affiliates for attacks, and the configuration used for each build, such as specific servers to skip or files to encrypt. The data also exposes negotiation messages between the LockBit gang and victims, offering a glimpse into their tactics and interactions. The leak thus gives investigators a clearer view of LockBit’s inner workings.

The incident is unfolding at a time when the crypto market experienced a significant uptrend, mainly driven by Trump’s US-UK trade deal announcement.


What Caused the Hack?

Security researcher Michael Gillespie posited that the data breach occurred due to LockBit ransomware’s lack of proper security measures. The analyst found that passwords were stored in plain text, unencrypted, which reveals lax security practices and is ironic given the gang’s own malicious activities. This incident follows increasing crypto scams, which forced Australian regulators to shut down 90 companies allegedly linked to pig butchering scams.

Though the identity of the breach’s perpetrator and the method used are still unclear, the similar defacement message used in the Everest ransomware breach suggests a possible link.
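An added example, not part of the original article and not derived from any leaked material: a defender's audit that reads an application's own mysqldump export and reports how each password-like column stores its values, flagging the plaintext storage described above. The table, column names and sample rows are constructed, and the column-name and hash-format patterns are assumptions to adapt.

```python
import re
from collections import Counter, defaultdict

# Salted, deliberately slow password hashes in modular crypt format (assumed set).
KDF = re.compile(r"^\$(2[aby]|argon2(id|i|d)|scrypt|pbkdf2[-\w]*)\$")
# Bare hex digests at MD5/SHA-1/SHA-256/SHA-512 lengths: hashed, but fast and unsalted.
FAST = re.compile(r"^(?:[0-9a-f]{32}|[0-9a-f]{40}|[0-9a-f]{64}|[0-9a-f]{128})$", re.I)
SENSITIVE = re.compile(r"pass|pwd|secret", re.I)  # assumed column-name heuristic
CREATE = re.compile(r"CREATE TABLE `(\w+)` \((.*?)\n\)", re.S)
INSERT = re.compile(r"INSERT INTO `(\w+)` VALUES (.*?);\n", re.S)
STRING = r"'(?:[^'\\]|\\.)*'"  # mysqldump escapes quotes inside strings with a backslash
ROW = re.compile(r"\(((?:%s|[^()'])*)\)" % STRING)
VALUE = re.compile(r"(%s)|([^,\s]+)" % STRING)

def classify(value):
    """Label one stored credential by the shape of the value."""
    if KDF.match(value):
        return "kdf"
    if FAST.match(value):
        return "fast-hash"
    return "plaintext"

def audit_dump(sql):
    """Count credential storage formats per (table, column) in mysqldump text."""
    columns = {t: re.findall(r"^\s*`(\w+)`", body, re.M) for t, body in CREATE.findall(sql)}
    report = defaultdict(Counter)
    for table, values in INSERT.findall(sql):
        for row in ROW.findall(values):
            # Quoted values lose their quotes; escapes inside them are left as written.
            fields = [q[1:-1] if q else bare for q, bare in VALUE.findall(row)]
            for col, field in zip(columns.get(table, []), fields):
                if SENSITIVE.search(col) and field not in ("", "NULL"):
                    report[(table, col)][classify(field)] += 1
    return {key: dict(counts) for key, counts in report.items()}

# Constructed sample in mysqldump layout; not taken from any real dump.
SAMPLE = r"""
CREATE TABLE `users` (
  `id` int NOT NULL,
  `login` varchar(64) NOT NULL,
  `password` varchar(255) DEFAULT NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB;
INSERT INTO `users` VALUES (1,'alice','Summer2025!'),(2,'bob','it\'s (a) secret'),
(3,'carol','$2b$12$abcdefghijklmnopqrstuvABCDEFGHIJKLMNOPQRSTUVWXYZ01234'),
(4,'dave','5f4dcc3b5aa765d61d8327deb882cf99'),(5,'erin',NULL);
"""
```

Any column that reports `plaintext` or `fast-hash` counts is a candidate for migration to a salted, slow password hash, with the affected credentials rotated.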

Investment disclaimer: The content reflects the author’s personal views and current market conditions. Please conduct your own research before investing in cryptocurrencies, as neither the author nor the publication is responsible for any financial losses.
Ad Disclosure: This site may feature sponsored content and affiliate links. All advertisements are clearly labeled, and ad partners have no influence over our editorial content.

About Author
Nynu V Jamal is a Senior Journalist at CoinGape. She boasts more than 3 years of experience in content writing, with expertise in crypto and blockchain. She has contributed to platforms like CoinEdition and CryptoTale, demonstrating her proficiency in navigating the dynamic crypto landscape. Beyond her journalistic pursuits, Nynu is a literary enthusiast, having served as an Assistant Professor of English Language and Literature. She is a Master's degree holder in English Literature and a UGC NET qualifier. Her academic background has enabled her to publish research papers on literature, while also nurturing her creative side as a published poet. Her creative side extends to music, crafts, and art, which she actively explores. Her unique blend of analytical and creative skills allows her to craft engaging stories that captivate audiences. Stay updated with Nynu on LinkedIn