Cyber Incident Victim: Cooperativa Antonio Vega Granados R.L.
Date:
Oct 2022
Location:
Costa Rica
Summary
Cooperativa Antonio Vega Granados R.L. was claimed as a victim by the Lockbit 3.0 ransomware group in a broader campaign targeting Latin American entities, though the group provided no supporting evidence to verify the claim. The cooperative's incident coincided with other regional cyberattacks, including telecommunications disruptions and financial service interruptions at unrelated organizations, but no direct technical or forensic links to Lockbit were publicly established for those parallel incidents.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
The cyber incident involving Cooperativa Antonio Vega Granados R.L. emerged within a broader pattern of attacks attributed to the Lockbit 3.0 ransomware group across Latin America and Spain during late October 2022. According to unverified claims by Lockbit 3.0, the Costa Rican cooperative was listed among several alleged victims, including Sociedad Balbiana in Spain, Macrotel in Argentina, and Fisco Saéde and Happmobi in Brazil. Lockbit’s claims lacked supporting proof packs, leaving the assertions unconfirmed. Notably, Fisco Saéde and Villa Toro de Hisba independently reported cyberattacks occurring between October 25 and 28, though neither organization publicly identified Lockbit as the responsible actor. No specific technical details, timelines, or operational impacts related to Cooperativa Antonio Vega Granados R.L.’s incident were disclosed in available sources, and the cooperative itself did not issue public statements corroborating Lockbit’s allegations or describing any disruption.
The incident occurred alongside other geographically proximate cyberattacks, including a confirmed October 29 attack on Chile’s ALMA Observatory that forced operational halts, though no group claimed responsibility. Personal Paraguay, a Paraguayan telecom, suffered a disruptive attack beginning around October 25, causing multi-day service interruptions to cellular, internet, and television systems, though the company asserted core services remained minimally functional. Personal Paraguay isolated its digital wallet platform preemptively to protect user funds, though customers reported unresolved issues despite these measures. The telecom stated no ransom demand was received, contrasting with Lockbit’s typical ransom tactics. No direct connection was established between Lockbit’s unverified claims against Cooperativa Antonio Vega Granados R.L. and these contemporaneous incidents, and no forensic evidence or cooperative-specific response actions were documented in publicly accessible reports.