CDW Data Could Leak Next Week After Insulting LockBit With Low Ransom Bid: Report

IT solution provider CDW was reportedly the subject of a cybersecurity attack by the LockBit cybercrime organization, which has promised to release CDW’s data after negotiations between the two broke down over the ransom fee.

The Register Friday reported that it was told by a LockBit spokesperson who used the alias “LockBitSupp” that CDW’s data will be released Tuesday after negotiations between the two ended when CDW offered to pay a ransom that was so low “it insulted the crooks.”

LockBitSupp told The Register that it will publish the information after CDW, a “$20 billion company,” offered payment deemed insufficient, and that it has “refused the ridiculous amount offered.”

[Related: The 2023 Security 100]

CDW, ranked No. 4 on the CRN 2023 Solution Provider 500, has reported $22 billion revenue for the 12 months ended June 30, 2023.ADVERTISEMENT

CDW did not respond to a CRN request for information by press time.

LockBitSupp did not tell The Register the details of what LockBit wanted in payment or what CDW offered. At this point, the CDW data is slated to be released early Tuesday, October 10.

CDW is not the first IT solution provider to be hit by a LockBit ransomware attack. Global services provider Accenture, ranked No. 1 on the CRN Solution Provider 500, in late 2021 was also hit by an attack, but said there was no impact on the company’s operations.

France-based defense and cybersecurity company Thales, which in late 2022 was also attacked by LockBit, said that it experienced no intrusions in its IT systems.

Russia-based LockBit provides ransomware-as-a-service. It has become the prominent and most widespread cyber threat thanks to its “sophisticated and ruthless” strain of ransomware that infiltrates computer systems, encrypts important data, and demands large ransoms, according to New York-based security technology company Flashpoint.

Flashpoint estimates that LockBit has accounted for 27.9 percent of all known ransomware attacks between July of 2022 and June of 2023.

Not every LockBit cyberattack is what it seems. LockBit in June of 2022 claimed that it stole data from Reston, Va.-based cybersecurity vendor Mandiant. Mandiant, however, said that what actually happened was an attempt to shake down Mandiant to pay the ransom.

Kyle Alspach and Steve Burke contributed to this article.LEARN MORE: Cybersecurity  | Professional Services 

 Learn About Joseph F. Kovar


Joseph F. Kovar is a senior editor and reporter for the storage and the non-tech-focused channel beats for CRN. He keeps readers abreast of the latest issues related to such areas as data life-cycle, business continuity and disaster recovery, and data centers, along with related services and software, while highlighting some of the key trends that impact the IT channel overall. He can be reached at [email protected].


SentinelOne To Challenge ‘Antiquated’ SIEM Technology From Splunk: CEOInvestors Eyeing Impacts To Israeli Tech Industry: ReportsGenAI Is A Hit With Hackers. Here’s Why It Will ‘Benefit The Defense’ Even More.10 Big Things To Know About Zero Trust Security In 202310 Cybersecurity Companies Making Moves: September 2023 TO TOPADVERTISEMENT


  1. Nutanix CEO On ‘Areas Of Concern’ In VMware-Broadcom Deal For Customers And Partners | CRN
  2. IBM CEO Arvind Krishna Aims To Grow Revenue Coming From Partners To 50 Percent, Touts ‘Huge Amount’ Of Money To Be Made In AI | CRN
  3. CDW Data Could Leak Next Week After Insulting LockBit With Low Ransom Bid: Report | CRN
  4. SentinelOne To Challenge ‘Antiquated’ SIEM Technology From Splunk: CEO | CRN
  5. SentinelOne CEO: Microsoft Security Should Be More Like Apple | CRN

Leave a Reply

Your email address will not be published. Required fields are marked *