Kawasaki Motors Europe has introduced that it is recovering from a cyberattack that induced service disruptions because the RansomHub ransomware gang threatens to leak stolen information.
The corporate says the assault focused its EU headquarters, and it’s at the moment analyzing and cleansing any “suspicious materials,” resembling malware, which will nonetheless be lurking on programs.
“Firstly of September, Kawasaki Motors Europe (KME) was the topic of a cyber-attack which, though not profitable, resulted within the firm’s servers being briefly remoted till a strategic restoration plan was initiated afterward the identical day,” reads the announcement.
“KME and its nation Branches function numerous servers and, as a precaution, it was determined to isolate each and put a cleaning course of in place whereby all information was checked and any suspicious materials recognized and handled.”
Kawasaki Motors Europe is a subsidiary of Kawasaki Heavy Industries, Ltd., a world Japanese firm identified for manufacturing bikes, all-terrain automobiles (ATVs), Jet Skis, utility automobiles, and different motorized merchandise.
KME is answerable for the distribution, gross sales, and advertising of Kawasaki’s bike merchandise within the European market, working an in depth community of approved dealerships and customer support facilities throughout the continent.
The corporate says that its IT employees collaborated with exterior cybersecurity consultants following the assault, checking servers one after the other earlier than they related them again into the company community.
KME estimates that by the beginning of subsequent week, 90% of its server infrastructure could have been restored.
Every thing that considerations enterprise operations, together with dealerships, third-party suppliers, and logistics operations, will not be impacted.
RansomHub claims the assault
Kawasaki’s announcement comes because the RansomHub ransomware gang claimed accountability for the assault on the corporate.
The menace group added the corporate to its extortion portal on the darkish net on September 5, 2024, claiming the theft of 487 GB of knowledge from Kawasaki’s networks.
The timer is about to run out tomorrow, and if the menace actors’ calls for aren’t happy, they threaten to publish all stolen information by that time.
It’s unclear if RansomHub holds buyer information within the stolen information, however this state of affairs can’t be dominated out at this level.
BleepingComputer contacted Kawasaki each when RansomHub introduced them as victims and once more right now, however each our requests for a remark have gone unanswered.
RansomHub has grow to be prolific for the reason that BlackCat/ALPHV ransomware operation shut down, with lots of its associates shifting to the newer ransomware-as-a-service program.
With the inflow of expert associates, RansomHub has seen a surge in profitable assaults, together with these towards a division of Ceremony Support, Frontier, Deliberate Parenthood, Halliburton, Christie’s,
Final month, a joint advisory between the FBI, CISA, and the Division of Well being and Human Providers (HHS) reported that RansomHub breached 210 victims from a variety of essential U.S. infrastructure sectors because it launched in February.
