The personal information of employees was stolen in a ransomware attack targeting a Philippines subsidiary of Yamaha Motor.
The incident, the Japanese mobility and industrial giant says, occurred on October 25, and only impacted one server managed by Yamaha Motor Philippines, the company’s motorcycle manufacturing and sales subsidiary in the country.
The server, Yamaha Motor says, “was accessed without authorization by a third party and hit by a ransomware attack, and a partial leakage of employees’ personal information stored by the company was confirmed.”
Yamaha says it immediately set up a “countermeasures team”, took steps to prevent further damage, and launched an investigation into the incident. The attack was also reported to the Philippine authorities.
On November 16, the investigation revealed that some personal information stored by Yamaha Motor Philippines was compromised in the attack.
The company says it has restored all Yamaha Motor Philippines servers and systems that were not impacted in the attack. The incident did not affect the headquarters and other companies in the Yamaha Motor group, the motorcycle maker says.
While Yamaha did not name the ransomware group responsible for the attack, the INC Ransom gang has claimed responsibility for the incident.
Active since July 2023, the ransomware group appears opportunistic in nature, targeting organizations in various industries, typically by exploiting vulnerable internet-facing assets.
According to SentinelOne, INC Ransom has been observed exploiting CVE-2023-3519, a critical-severity Citrix NetScaler ADC and Gateway vulnerability that came to light in July, when it was exploited as a zero-day by both financially motivated and state-sponsored threat actors.
Last week, INC Ransom published on its leak site data allegedly stolen from Yamaha Motor Philippines, including identification documents, employee ID cards, and various internal documents.
Over the past month, the ransomware gang has claimed hacking into the systems of a dozen organizations, including WellLife Network, Decatur Independent School District, Guardian Alarm, EFU Life Assurance, and Global Export Marketing.