Lockers IT Data Breach

Alleged

Ransomware claim involving Lockers IT.

Published: Jun 21, 2026
Threat Level
High
Confidence: High

Quick Summary

Company
Lockers IT
Industry
Technology
Date of Incident
Jun 21, 2026
Status
Alleged

Executive Summary

Lockers IT, a technology company based in Bangladesh, has been identified as a victim on the Nova ransomware group’s dark web portal, with the listing published on June 21, 2026. This information was discovered through SOCRadar’s Dark Web Monitoring service. The Nova group has shown a pattern of targeting organizations in the Technology, Manufacturing, and Education sectors, with recent victims primarily located in the United States, Bangladesh, and Peru.

Technical Analysis

SOCRadar’s analysis of stealer-log telemetry revealed a significant exposure for the lockersit.com domain. Nine corporate credentials for internal systems (including webmail, cPanel, and ERP applications) and six corporate credentials for third-party services were found. These records, dated up to June 19, 2026, indicate a substantial corporate intrusion risk. While this data does not definitively confirm Nova’s use of these credentials for the current incident, the pattern is consistent with typical initial access vectors for ransomware groups. These groups often acquire credentials from underground marketplaces to gain access to corporate networks via platforms like Microsoft 365, VPNs, or remote-access portals before deploying ransomware. CTI teams are advised to maintain vigilant monitoring and implement proactive credential hygiene measures.

Is Your Organization Exposed on the Dark Web?

Enter your company domain to get a free dark web exposure report instantly.