Yamaha confirms ransomware attack on key factory

News
By published

Sensitive Yamaha employee data was stolen in the attack

Conceptual art of a computer system being hacked.
Due hacker ci hanno mostrato quanto sia semplice attaccare le infrastrutture critiche (Image credit: Getty Images)

Yamaha Motor Philippines, a subsidiary of the Japanese powerhouse manufacturer, suffered a ransomware attack in late October this year, the company confirmed.

 Soon after the incident, a hacking group took responsibility for the attack and leaked some of the data allegedly stolen in the attack.

The breach was first detected on October 25, the company added, claiming that it only affected a single server, and that its headquarters, as well as all other subsidiaries, were unaffected by the attack. The incident was since reported to the police in the Philippines, and an investigation is underway.

Reader Offer: $50 Amazon gift card with demo

Reader Offer: $50 Amazon gift card with demo
Perimeter 81's Malware Protection intercepts threats at the delivery stage to prevent known malware, polymorphic attacks, zero-day exploits, and more. Let your people use the web freely without risking data and network security.

Preferred partner (What does this mean?

Data leaks online

“Yamaha Motor announces that one of the servers managed by its motorcycle manufacturing and sales subsidiary in the Philippines, Yamaha Motor Philippines, Inc., was accessed without authorization by a third party and hit by a ransomware attack, and a partial leakage of employees' personal information stored by the company was confirmed,” the company said in a press release. 

“Upon learning of the attack, the IT Center at Yamaha Motor headquarters in Japan and YMPH immediately set up a countermeasures team and have been working to prevent further damage while investigating the scope of the impacts, etc., as well as working on a recovery together with an external internet security company, but we expect it will be some time until the full extent of the damage can be confirmed.”

While the company did not discuss the identity of the attackers, a group going by the name INC Ransom claimed responsibility for the attack and leaked data alleging it came from the breach, BleepingComputer has found. 

The company was added to INC Ransom’s data leak site on November 15, and since then, a total of 37GB of data has been posted. Some of the data, the media said, include employee ID information, backup files, as well as corporate and sales information.

More from TechRadar Pro

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.