The Information Highway

The Information Highway

Font size: +
2 minutes reading time (462 words)

RansomHub claims Kawasaki cyberattack, threatens to leak stolen data

Kawasaki Motors Europe has announced that its recovering from a cyberattack that caused service disruptions as the RansomHub ransomware gang threatens to leak stolen data.

The company says the attack targeted its EU headquarters, and it is currently analyzing and cleaning any "suspicious material," such as malware, that may still be lurking on systems.

"At the start of September, Kawasaki Motors Europe (KME) was the subject of a cyber-attack which, although not successful, resulted in the company's servers being temporarily isolated until a strategic recovery plan was initiated later on the same day," reads the announcement

"KME and its country Branches operate a large number of servers and, as a precaution, it was decided to isolate each one and put a cleansing process in place whereby all data was checked and any suspicious material identified and dealt with."

Kawasaki Motors Europe is a subsidiary of Kawasaki Heavy Industries, Ltd., a global Japanese company known for manufacturing motorcycles, all-terrain vehicles (ATVs), Jet Skis, utility vehicles, and other motorized products.

KME is responsible for the distribution, sales, and marketing of Kawasaki's motorcycle products in the European market, operating an extensive network of authorized dealerships and customer service centers across the continent.

The company says that its IT staff collaborated with external cybersecurity experts following the attack, checking servers one by one before they connected them back into the corporate network.

KME estimates that by the start of next week, 90% of its server infrastructure will have been restored.

Everything that concerns business operations, including dealerships, third-party suppliers, and logistics operations, is not impacted.

RansomHub claims the attack

Kawasaki's announcement comes as the RansomHub ransomware gang claimed responsibility for the attack on the company.

The threat group added the company to its extortion portal on the dark web on September 5, 2024, claiming the theft of 487 GB of data from Kawasaki's networks.

The timer is set to expire tomorrow, and if the threat actors' demands aren't satisfied, they threaten to publish all stolen data by that point.

Source: BleepingComputer

It is unclear if RansomHub holds customer data in the stolen files, but this scenario cannot be ruled out at this point.

RansomHub has become prolific since the BlackCat/ALPHV ransomware operation shut down, with many of its affiliates moving to the newer ransomware-as-a-service program.

With the influx of skilled affiliates, RansomHub has seen a surge in successful attacks, including those against a division of Rite Aid, Frontier, Planned Parenthood, Halliburton, Christie's,

Last month, a joint advisory between the FBI, CISA, and the Department of Health and Human Services (HHS) reported that RansomHub breached 210 victims from a wide range of critical U.S. infrastructure sectors since it launched in February.

23andMe to pay $30 million in genetics data breach...
FBI: Reported cryptocurrency losses reached $5.6 b...

Related Posts

 

Comments

No comments made yet. Be the first to submit a comment
Thursday, 14 November 2024

Captcha Image

Top Breaches Of 2023

Customers Affected In T-Mobile Breach
Accounts Affected In MOVEit Breach
Customers Affected In MCNA Insurance Data Breach
Individuals Affected In PharMerica Data Breach
Users Affected In ChatGPT Major Data Breach
*Founder Shield End of Year 2023