Shimano Industries, a prominent Japanese multinational manufacturing company specializing in cycling components, fishing tackle, and rowing equipment, seems to have been hit by a massive data breach by the ransomware attacker LockBit, who has threatened to release confidential data, including information such as factory inspection results, lab tests and financial documents by 5 November if their demands are not met.
The group stole 4.5 terabytes of sensitive company data.
The company had previously been involved in the production of golf supplies until 2005 and snowboarding gear until 2008.
LockBit is a major international cybercrime group that uses malware to breach global corporations' security protocols and attempts to extort money in exchange.
Its previous targets have included Royal Mail, with the British postal company's international services severely disrupted in January 2023 due to the attack.
American aeroplane and missiles manufacturer Boeing is the latest victim of the group, with the company officially confirming the attack yesterday.
A victim who does not make a ransom payment within a few days will have their data posted on the dark web in addition to being threatened with posting their data on the dark web if a ransom payment is not made.
Shimano Industries Ltd, a Japanese manufacturer of bicycle parts, was recently targeted by a ransomware attack that demanded payment of a ransom.
Shimano was unwilling to pay the ransom and the blackmail gang offered to put stolen data online, which is what they did.
Now the stolen data is probably widely available online.
Escape Collective updated their report late last week and said, upon contacting an industry-leading cyber-security firm, it was said that the delay in publishing could be an indication that Shimano was in negotiations.
Several attempts to contact LockBit itself via Sonar, a web messenger that can be used in the Tor darknet browser, have not been successful.
In a recent report from LockBit, cybercriminals claim to have successfully penetrated the Japanese manufacturer's network and obtained access to several terabytes of data.
It was announced by the attackers that Shimano would publish the stolen data after they ignored their ultimatum.
The Russian ransomware group LockBit appears to have released much of the company data on its darknet page after the ransom has expired.
The company has been releasing 4.5 terabytes of various company data.
Now that LockBit has expired, much of the data has been released, however.
Shimano did not respond to a request for comment on the matter.
Recently, the Russian-speaking ransomware gang LockBit caused a sensation by attacking the US aircraft manufacturer Boeing.
Shimano has yet to release a statement regarding the attack, and it is also not mentioned on the Shimano homepage of any kind regarding the cyberattack.
This Cyber News was published on www.cysecurity.news. Publication date: Sun, 24 Dec 2023 13:58:05 +0000