LockBit’s $80M Ransom Demand To CDW Is Third Largest Ever: Expert

The cybercriminal gang is threatening to leak stolen CDW data if its payment demand isn’t met by a Thursday deadline.


An $80 million extortion demand to CDW by the cybercriminal gang LockBit is the third largest known ransom demand to date, an expert said.

IT solution provider giant CDW, No. 4 on CRN’s 2023 Solution Provider 500, has so far not commented to CRN on LockBit’s claim to have stolen data from the company, which the group said will be leaked if its ransom demand is not met by CDW. LockBit has posted a payment deadline of 18:40 UTC (2:40 p.m. ET) Thursday.

[Related: The 10 Biggest Data Breaches of 2023 (So Far)]

Sponsored post

LockBit is also claiming that CDW offered to pay $1.1 million out of the $80 million demand, according to a post on the group’s darkweb leak site. The Register reported Friday that it was told by a LockBit representative that the group was insulted by the low amount offered by CDW.

CRN reached out to CDW for comment Thursday. The solution provider didn’t respond to a CRN request for comment last Friday.

The $80 million ransom demand is the third largest that is publicly known about, Emsisoft threat analyst Brett Callow posted on X, the site formerly known as Twitter.

The only known demands that are higher are a $240 million demand to MediaMarkt by Hive and a $100 million demand to Acer by REvil, according to a previous ranking by Equinix’s William Thomas.

The $80 million demand also appears to be the largest ever by LockBit, a prolific Russian-speaking cybercriminal group. LockBit had demanded $70 million from TSMC in June.

Cybersecurity vendor Flashpoint has estimated that LockBit accounted for 27.9 percent of all known ransomware attacks between July 2022 and June 2023.