LockBit says it hacked the Federal Reserve – but experts think we should take the claims with a pinch of salt
LockBit has added the US Federal Reserve to its leak site, claiming to have stolen 33TB of data, but some security experts aren’t convinced


Notorious ransomware collective LockBit claims to have stolen 33TB of sensitive data from the US Federal Reserve – but some security experts think they're bluffing.
The collective posted the Federal Reserve on its dark web leak site on Sunday 23 June 2024, along with the demand the Fed appoint another negotiator after being low-balled in the ransom mediation.
“You better hire another negotiator within 48 hours, and fire this clinical idiot who values American’s bank secrecy at $50,000”, the statement read.
The information included in the 33TB cache said to have been exfiltrated from the Federal Reserve was not confirmed in the listing, only that it includes confidential information of American banking activities.
With the deadline set to expire on 25 June 2024, the Federal Reserve has not confirmed the authenticity of the data or whether it was breached at the time of writing.
Some security experts are also casting doubt over LockBit's claims.
Can LockBit’s claims be trusted?
In a post on X discussing the incident, cyber security researcher Dominic Alvieri commented “someone is mad” and expressed some skepticism about how legitimate LockBit’s claims are.
Get the ITPro daily newsletter
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
Alvieri noted that without any proof it is more likely the group is “just blowing off steam”.
Thomas Richards, principal consultant at the Synopsys Software Integrity Group said the collective has a reputation for dishonesty, noting it has previously provided data samples to confirm it has the stolen information.
RELATED WHITEPAPER
"In the past, when this hacker group has claimed to have information, they have provided at least a sample to prove they have the data,” he said.
“With no actual information provided and no confirmation from the Federal Reserve of the US Government, the claims might not be accurate”.
But Richards did acknowledge that if true, this breach could have serious implications for the integrity of the American financial system.
“If they were able to breach the FRB and gain access to such sensitive information, the release could be damaging to our financial system.”

Solomon Klappholz is a former staff writer for ITPro and ChannelPro. He has experience writing about the technologies that facilitate industrial manufacturing, which led to him developing a particular interest in cybersecurity, IT regulation, industrial infrastructure applications, and machine learning.
-
M&S suspends online sales as 'cyber incident' continues
News Marks & Spencer (M&S) has informed customers that all online and app sales have been suspended as the high street retailer battles a ‘cyber incident’.
By Ross Kelly
-
Manners cost nothing, unless you’re using ChatGPT
Opinion Polite users are costing OpenAI millions of dollars each year – but Ps and Qs are a small dent in what ChatGPT could cost the planet
By Ross Kelly