Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

Japanese tech giant Nidec confirms 8Base data breach, company data published

Japanese tech giant Nidec has confirmed that threat actors breached its systems and launched a ransomware attack earlier this year, following claims by cyber criminals that they had exfiltrated company data.

user icon Daniel Croft
Mon, 21 Oct 2024
Japanese tech giant Nidec confirms 8Base data breach, company data published
expand image

The Nidec Corporation is the world’s top comprehensive motor manufacturer, specialising in “everything that spins and moves”, according to the company.

In May this year, the 8Base ransomware gang claimed to have launched a ransomware attack on the Nidec Instruments Corporation, claiming to have exfiltrated data, including invoices, receipts, accounting documents, certificates, employment contracts, personal data, confidentiality agreements, personal files and a “huge amount of confidential information”.

According to Nidec’s latest statement, the threat actors breached the company’s Vietnam-based Nidec Precision (NPCV) division.

============
============

“[NPCV] was illegally accessed by an external malicious criminal group, and documents and files from NPCV’s server were stolen, resulting in an extortion attack in which a ransom was demanded based on the stolen documents and files,” said the statement.

“In addition, as our company did not comply with the demands of the external criminal group, the external criminal group published the stolen documents and files on a so-called dark site, making them accessible to third parties.”

The company added that it became aware of the incident on 5 August when the threat group reached out and demanded a ransom.

It also said that the data made public by 8Base includes “NPCV internal documents, letters from suppliers, documents related to green procurement, occupational health and safety and policies (operations, supply chain, etc.), transaction documents (order forms, invoices, receipts), contracts, etc.”

“We will provide separate information to business partners involved in the leaked information,” it said.

The company believes that the threat group gained access through the use of stolen credentials for NPCV’s general domain account. Following the breach, all group companies reportedly scanned all devices, reset passwords, reviewed access rights for its servers and suspended the NPCV VPN device that it believes allowed the threat actors in.

“Once again, we would like to offer our deepest apologies for the inconvenience and concern caused to our customers and all other concerned parties,” it said.

Cyber Daily has observed that Nidec was also listed by the Everest ransomware group on 8 August 2024. It has since published data allegedly belonging to Nidec. It is unclear whether or not this is a separate incident or a case of republished data.

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.