No matter how many times law enforcement tried to caution people not to believe promises by criminals that they would delete stolen data if only you paid them, some victims still paid or will pay.
Today, the NCA drove their point home more forcefully:
As you know, we were able to fully compromise LockBit’s platform in February 2024. As shared at the time, we obtained 2,500 decryption keys, all LockBit affiliate usernames, BTC addresses linked to victim payments and the payments to LockBitSupp, all the chat negotiations (which helped us show which affiliates were working together), all the attack build details and which affiliate attacked which victim, the platform source code, LockBit’s new malware in development, and much, much more.As part of our ongoing investigation we can tell you that we benefited from a great deal of information that will continue to fuel our collaborative work. We have a full understanding of the platform and how it operated, and all this detail is presently being worked through with our international Cronos colleagues to help us identify and pursue criminals all over the world. As you can see, we have already identified some, but this is just a start.LockBit let you down. Affiliates, developers, and money launderers, we look forward to catching up with you very soon…Here are some additional details we can share about the platform and its processes…Kind regardsThe National Crime Agency