The BlackCat/ALPHV ransomware gang has added Seiko to its extortion site, claiming responsibility for a cyberattack disclosed by the Japanese company earlier this month.
Seiko is one of the world’s largest and most historic watchmakers, with roughly 12,000 employees and annual revenue that surpasses $1.6 billion.
On August 10th, 2023, the company published a data breach notice stating that an unauthorized third party gained access to at least part of its IT infrastructure and accessed or exfiltrated data.
“It seems that [on July 28, 2023] some as-yet-unidentified party or parties gained unauthorized access to at least one of our servers,” reads Seiko’s announcement.
“Subsequently, on August 2nd, we commissioned a team of external cybersecurity experts to investigate and assess the situation.”
“As a result, we are now fairly certain that there was a breach and that some information stored by our Company and/or our Group companies may have been compromised.”
Seiko apologized to potentially impacted customers and business partners and urged them to be vigilant against email or other communication attempts that may impersonate Seiko.
BlackCat claims responsibility
Today, the BlackCat ransomware group claimed to be behind the attack on Seiko, posting samples of data that they claim to have stolen during the attack.
In the listing, the threat actors mock Seiko’s IT security and leak what appear to be production plans, employee passport scans, new model release plans, and specialized lab test results.
Most worryingly, the threat actors have leaked samples of what they claim are confidential technical schematics and Seiko watch designs.
This means that BlackCat very likely possesses drawings that showcase Seiko internals, including patented technology, which would be damaging to publish and expose to competitors and imitators.
BlackCat is one of the most advanced and notorious ransomware gangs actively targeting the enterprise, constantly evolving its extortion tactics.
For example, the group was the first to use a clearweb website dedicated to leaking data for a particular victim and, more recently, created a data leak API, allowing for easier distribution of stolen data.
Update 8/21/23: After publishing this story, researchers at Curated Intel told BleepingComputer that an initial access broker (IAB) was selling access to a Japanese manufacturing company on July 27th, one day before Seiko said they were initially breached.
While the IAB did not share the name of the company they were selling access to, they did say the company is in manufacturing and has ‘1.8B’ in revenue per Zoominfo, which is an exact match to Seiko’s Zoominfo page.
BleepingComputer has contacted Seiko for further comment on the threat actor’s claims, but we have not received a response by publication time.