Japanese tech giant Nidec confirms 8Base data breach, company data released

Japanese tech giant Nidec confirms 8Base data breach, company data released

Japanese tech giant Nidec confirms 8Base data breach, company data released

Japanese tech giant Nidec has confirmed that malicious actors breached its systems and launched a ransomware attack earlier this year, following claims by cybercriminals that they had exfiltrated the company’s data.

Nidec Corporation is the world’s leading manufacturer of complete motors, specializing in “everything that spins and moves,” according to the company.

In May this year, the 8Base ransomware gang claimed to have launched a ransomware attack against Nidec Instruments Corporation, claiming to have exfiltrated data including invoices, receipts, accounting documents, certificates, employment contracts, personal data, confidentiality agreements, personal files and a “huge amount of confidential information”.

According to Nidec’s latest statement, the threat actors breached the Vietnam-based company’s Nidec Precision (NPCV) division.

“[NPCV] was illegally accessed by an external malicious criminal group, and documents and files from NPCV’s server were stolen, resulting in an extortion attack in which a ransom was demanded based on the stolen documents and files », Indicates the press release.

“In addition, because our company did not meet the demands of the external criminal group, they published the stolen documents and files on a so-called dark site, making them accessible to third parties.”

The company added that it became aware of the incident on August 5 when the threat group contacted and demanded a ransom.

It also said that the data made public by 8Base includes “internal NPCV documents, supplier letters, documents related to green procurement, occupational health and safety and policies (operations, supply chain , etc.), transaction documents (purchase orders, invoices, receipts), contracts, etc.

“We will provide separate information to business partners involved in the information leak,” he said.

The company believes the threat group gained access through the use of stolen credentials for NPCV’s general domain account. Following the breach, all companies in the group reportedly scanned all devices, reset passwords, reviewed access rights to their servers and suspended the NPCV VPN device which they claimed allowed malicious actors to access.

“Once again, we would like to sincerely apologize for the inconvenience and concern caused to our customers and all other parties involved,” he said.

Cyber ​​Daily observed that Nidec was also listed by the Everest ransomware group on August 8, 2024. It has since published data allegedly belonging to Nidec. It is unclear whether this is a separate incident or a case of republished data.

How to combat AI and cheating in class

How to combat AI and cheating in class

Google made millions from ads for fake abortion clinics

Google made millions from ads for fake abortion clinics

Leave a Reply

Your email address will not be published. Required fields are marked *