A London-based company that was hacked and held to ransom by cyber criminals only told regulators about the breach two weeks after it happened, Sky News has learned.
According to the Maze cyber criminal group, the computers of London Offshore Consultants (LOC) Group were locked on 30 December 2019.
The criminals claimed that 300GB of information was stolen from the marine engineering consultancy – and some of it was leaked online in an attempt to force LOC Group to pay a ransom.
Companies are meant to report data breaches to the Information Commissioner’s Office (ICO) within 72 hours of learning about them, but Sky News has learned that LOC Group only alerted the watchdog two weeks after Maze claimed they had encrypted the machines.
The ICO can issue fines of up to €20m (£16.8m) or 4% of global turnover – whichever is higher – when businesses fail to comply.
LOC Group says it has complied with its regulatory obligations, and a spokesperson told Sky News: “LOC Group can confirm that we are investigating a cyber incident.
“We acted swiftly to address this and began a full investigation, which is ongoing. We are also working with the relevant authorities.”
No personal information was contained in the material leaked online by the criminals. It is not known whether LOC Group paid the group’s ransom demands, although Sky News understand other victims of Maze have done so.
A spokesperson for the National Crime Agency told Sky News: “We are aware of an incident affecting LOC Group and are working with partners to better understand what has happened.”
The Maze hacking organisation has been extorting victims globally by breaching their computer networks, stealing information and then encrypting the computers to render them unusable.
Maze has often published snippets of information stolen from its victims as proof of the breaches, and threatened to release all of their documents and files if a ransom wasn’t paid.
According to CBC, the Canadian public broadcaster, the same group successfully hacked into the computer network of a construction company which held contracts with the country’s military.
In a similar fashion to how the LOC Group breach was celebrated by the cyber criminals, the Maze hackers also announced their breach of Toronto-based Bird Construction before the company confirmed it.
Bird Construction told CBC the “cyber incident results in the encryption of company files” but that the attack had no impact on its business.
The company added that it worked with “leading cyber security experts to restore access to the affected files”, although CBC reported it was unclear if that involved paying the criminals their ransom.