Related Articles
LockBit ransomware has claimed a cyber attack on Essendant, a wholesale distributer of office products after a “significant” and ongoing outage knocked the company’s operations offline.
As earlier reported by BleepingComputer, Essendant’s wide-spread network outage has been preventing placement or fulfillment of online orders, and impacting both the company’s customers and suppliers. Freight carriers have also been told to hold off on any pick-ups until further notice.
Since publishing our report, BleepingComputer received multiple tips from Essendant employees and/or customers, with some alleging this to be a ransomware attack.
These tips included the numerous outage reports shared with customers, all who told BleepingComputer that they were frustrated by the lack of transparency from the company.
The extended outage led to speculations of a “hack” among Essendant’s customers, some of whom couldn’t complete their work:
I think they got hacked
— Braves, Bulldogs, Falcons, Hawks, Freedom (@KTrill311) March 9, 2023
The fact I haven’t been able to do my job for most of this week is unacceptable @Essendant
— Derek (@DerekHasSeaLegs) March 9, 2023
The “network outage” is ransomware
As of March 14th, LockBit ransomware gang has claimed responsibility for the cyber attack on Essendant.
“Change a [sic] recovery company and try again,” the threat actor taunts Essendant on its leak site:
The “significant” outage at Essendant is understood to have begun sometime on the evening of Monday, March 6, 2023.
In a previous update, the wholesale products distributor acknowledged that the “outage” was keeping its customers from placing orders or contacting customer care, and advised suppliers to withhold shipments. The company did not, however, make any mention of a cyber attack in either the public update or their statement to BleepingComputer.
In a revised note published today—after LockBit’s claim, the company talks about its ongoing recovery efforts, comprising a systems “clean-up” that is nearing completion. The latest post still pins the disruptive events on a “network outage.”
Essendant isn’t the only victim to be claimed by a ransomware group as it battles multi-day outages.
In February, LockBit claimed the cyberattack on UK’s Royal Mail—around the same time as the mail delivery service’s online tracking faced an extended outage and the company’s international shipping operations were disrupted.
A fortnight ago, Dish Network also confirmed that it was a ransomware attack that caused its multi-day outage.
September last year, Holiday Inn’s parent company, InterContinental Hotels Group faced network disruptions only to have LockBit claim that it was behind the attack a few days later.
