In the News: Planet Home Lending notifies customers of LockBit ransomware incident
Published originally on February 12, 2024 on SC Magazine.


News that Planet Home Lending experienced a cyberattack by the LockBit ransomware group leveraging the Citrix Bleed flaw has come out in dribs and drabs.

The cyberattack last fall was first reported by a personal injury law firm in late January, but the tech press picked up on the news Feb. 12 after said Planet Home faced a class action lawsuit based on the incident on Feb. 6.

The crux of the matter is that Planet Home Lending sent out a letter to customers Jan. 24 explaining that the personal information of its customers was breached in connection with one of the LockBit ransomware group’s recent campaigns.

It was the second time in the past several months Planet Home had to report a serious breach. The first was late last summer, when the company disclosed it was impacted by the MoveIT vulnerability.

Ashley Leonard, chief executive officer at Syxsense, said financial institutions will always be a target of cyberattacks because of the data they have and the need for high availability.

“If a bank’s operations are taken down, it can’t transact and make money, like in the case of Fidelity National Financial and now Planet Home,” explained Leonard.

Leonard added that the Citrix Bleed vulnerability has been incredibly difficult to mitigate, even for organizations that have patched their systems. Part of the attack path in exploiting this vulnerability is to leverage stolen credentials and bypass multi-factor authentication, said Leonard, “and once they have done that, they’re moving laterally throughout the network, making it difficult to find and root out.”

Read the full story on SC Magazine.