The prolific ransomware gang LockBit has claimed responsibility for hacking one of India’s top brokerage firms, Motilal Oswal. Indian authorities say they are aware and investigating the incident.
On Tuesday, LockBit added the Indian brokerage giant Motilal Oswal to its dark web leak site, according to the listing seen by TechCrunch. Cybercriminal groups often use their leak sites to extort ransom payments from their victims, and threaten to publish the victim’s stolen data if they fail to pay.
LockBit claims to have accessed “confidential company data.”
Motilal Oswal serves around six million clients across hundreds of cities in India and holds assets under advice of about $53 billion.
It’s unclear if the brokerage firm is experiencing any operational disruption. Spokespeople for Motilal Oswal did not respond to multiple emails requesting comment, but did not dispute an incident.
India’s Computer Emergency Response Team, or CERT-In, told TechCrunch in an email on Thursday that it was aware of the matter and was “already in process of taking appropriate action.”
Founded in 1987, Motilal Oswal operates a list of financial services, including asset and wealth management, equity and commodity trading, investment banking, institutional broking and mutual fund distribution. The financial giant also owns a private equity subsidiary called Motilal Oswal Alternatives, which has backed a range of companies, including electronic manufacturers Dixon and VVDN Technologies, as well as startups including KreditBee.
Since 2022, LockBit has emerged as one of the most deployed ransomware variants worldwide. The Russia-linked ransomware gang claimed attacks on tech companies including Taiwanese chipmaker TSMC, IT services firm Accenture and manufacturer Foxconn. Last year, the LockBit group also attacked Indian pharmaceutical company Granules India and India’s state-owned National Aerospace Laboratories.