HQ/EMEAFind out how we can help your business
Nidec Corporation disclosed that a group of hackers are responsible for the ransomware attack it suffered earlier this year. Based on reports, the attack resulted in a data theft, which eventually led to the leak of stolen information on the dark web.
The Japanese IT company stated that the threat actors tried to extort them before deciding to release the material when their demands were not satisfied. The attack did not encrypt files, but Nidec employees, contractors, and associates should still be wary of the disclosed information since other entities may use it for different activities, such as targeted phishing attempts.
Initial investigations revealed that the ransomware attack targeted Nidec Precision’s Vietnam-based division, which manufactures optical, electronic, and its photographic industry mechanical equipment.
Nidec stated that the hackers had obtained initial access using one of their employees’ legitimate VPN account credentials.
The hackers have allegedly obtained a Nidec employee’s valid VPN account credentials and accessed a server containing private information.
However, the corporation claimed it quickly closed the entry point and adopted additional security measures. Still, the hackers harvested over 50,000 pieces of data that contained various information and files, such as internal documents, letters from business partners, documents regarding green procurement, labour safety and health rules for businesses and supply chains, business documents like purchase orders, invoices, and receipts, and contracts.
The corporation assured it would notify its business partners directly affected by the incident. The 8BASE ransomware group claimed to have most of what Nidec validated throughout its inquiry, as well as personal data and a significant amount of confidential information. Also, Nidec acknowledged a ransomware attack in July but did not name any threat group.
On the other hand, the Everest ransomware gang released data reportedly taken from Nidec the following month. The corporation stated in its most recent alert that the threat actors initially made contact on August 5, implying that there could be an ongoing negotiation between the firm and the Everest ransomware gang.
Lastly, Nidec verified that the data published on the dark web originated from its systems but has yet to provide any clarity on the threat actors’ assertions.
