iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Japanese tech giant Nidec has confirmed that threat actors breached its systems and launched a ransomware attack earlier this year, following claims by cyber criminals that they had exfiltrated company data.
The Nidec Corporation is the world’s top comprehensive motor manufacturer, specialising in “everything that spins and moves”, according to the company.
In May this year, the 8Base ransomware gang claimed to have launched a ransomware attack on the Nidec Instruments Corporation, claiming to have exfiltrated data, including invoices, receipts, accounting documents, certificates, employment contracts, personal data, confidentiality agreements, personal files and a “huge amount of confidential information”.
According to Nidec’s latest statement, the threat actors breached the company’s Vietnam-based Nidec Precision (NPCV) division.
“[NPCV] was illegally accessed by an external malicious criminal group, and documents and files from NPCV’s server were stolen, resulting in an extortion attack in which a ransom was demanded based on the stolen documents and files,” said the statement.
“In addition, as our company did not comply with the demands of the external criminal group, the external criminal group published the stolen documents and files on a so-called dark site, making them accessible to third parties.”
The company added that it became aware of the incident on 5 August when the threat group reached out and demanded a ransom.
It also said that the data made public by 8Base includes “NPCV internal documents, letters from suppliers, documents related to green procurement, occupational health and safety and policies (operations, supply chain, etc.), transaction documents (order forms, invoices, receipts), contracts, etc.”
“We will provide separate information to business partners involved in the leaked information,” it said.
The company believes that the threat group gained access through the use of stolen credentials for NPCV’s general domain account. Following the breach, all group companies reportedly scanned all devices, reset passwords, reviewed access rights for its servers and suspended the NPCV VPN device that it believes allowed the threat actors in.
“Once again, we would like to offer our deepest apologies for the inconvenience and concern caused to our customers and all other concerned parties,” it said.
Cyber Daily has observed that Nidec was also listed by the Everest ransomware group on 8 August 2024. It has since published data allegedly belonging to Nidec. It is unclear whether or not this is a separate incident or a case of republished data.
Be the first to hear the latest developments in the cyber industry.
