HQ/EMEAFind out how we can help your business
Kawasaki Motors Europe (KME) recently announced that it had been the target of a cyberattack in early September 2024. The RansomHub ransomware group claimed responsibility for the attack, which briefly disrupted operations at KME’s EU headquarters.
The attackers have threatened to leak 487GB of stolen data unless their demands are met, placing the company in a difficult position as the deadline for payment draws near.
KME had to temporarily isolate its systems as a precaution after learning about the attack.
The organisation stated that its information technology team, working with outside cybersecurity specialists, started assessing the issue, clearing the compromised systems, and eliminating any suspicious materials—like malware—that the attackers may have left behind. KME reports that 90% of their server infrastructure should be completely operational by the beginning of next week, as the restoration process is currently underway.
Fortunately, the company clarified that the attack did not impact key aspects of its operations, such as dealerships, third-party suppliers, and logistics systems. However, there is still uncertainty surrounding the nature of the stolen data. It remains unclear if customer data is included in the breach, a possibility that raises concerns for Kawasaki’s extensive European client base. The company has not provided further details on the contents of the stolen files.
RansomHub added KME to its extortion portal on the dark web on September 5, 2024, threatening to expose the stolen data if their demands were not fulfilled by the following day.
This ransomware group has gained notoriety following the shutdown of the BlackCat/ALPHV ransomware operation, with many of BlackCat’s affiliates transitioning to RansomHub’s ransomware-as-a-service program. As a result, the group has expanded its operations, successfully targeting a wide range of victims, including 210 breaches of critical U.S. infrastructure sectors since February 2024.
Kawasaki’s case is not an isolated incident. The company is now among the growing list of organisations affected by RansomHub, which has also victimised major corporations like Rite Aid, Frontier, Planned Parenthood, and Halliburton.
Despite the high-profile nature of the attack, KME has yet to respond to requests for additional comments from security researchers, leaving many questions unanswered as the deadline for the ransom looms. The unfolding situation highlights the continued threat of ransomware attacks, which show no signs of slowing down in an increasingly vulnerable digital landscape.
