“The French Ministry of Justice is aware of the alert and has immediately taken actions to proceed to the needed verifications, in collaboration with the competent services in this field,” a government spokesperson told ZDNet. The Ministry of Justice was added to the LockBit leak site alongside data from dozens of European companies and towns, including the French city of Saint-Cloud. LockBit has become well-known for overstating claims of data theft. It has been repeatedly caught adding the names of companies and organizations to its site with no files to show for it. While the claims of an attack on the Ministry of Justice are being investigated, LeMagIT did report this week that the city of Saint-Cloud confirmed it dealt with some kind of cyberattack. Security Week’s Eduard Kovacs was one of the first to report that LockBit 2.0 had added the French Ministry of Justice to its leak site and was threatening to leak documents by February 10. Local journalists later said sources at the Ministry of Justice confirmed the attack but questioned the scope of the incident considering LockBit was only advertising about 8,000 files. Trend Micro revealed this week that LockBit now has additional Linux and VMware ESXi variants that have been spotted actively targeting organizations in recent months. The company noted that a number of other ransomware variants have been shifting their efforts to target and encrypt Linux hosts, such as ESXi servers, but that the LockBit move was concerning because of LockBit’s ransomware-as-a-service’s popularity.