Kawasaki Motors Europe has introduced that it is recovering from a cyberattack that precipitated service disruptions because the RansomHub ransomware gang threatens to leak stolen knowledge.
The corporate says the assault focused its EU headquarters, and it’s at present analyzing and cleansing any “suspicious materials,” similar to malware, that will nonetheless be lurking on techniques.
“In the beginning of September, Kawasaki Motors Europe (KME) was the topic of a cyber-attack which, though not profitable, resulted within the firm’s servers being briefly remoted till a strategic restoration plan was initiated in a while the identical day,” reads the announcement.
“KME and its nation Branches function numerous servers and, as a precaution, it was determined to isolate each and put a cleaning course of in place whereby all knowledge was checked and any suspicious materials recognized and handled.”
Kawasaki Motors Europe is a subsidiary of Kawasaki Heavy Industries, Ltd., a worldwide Japanese firm recognized for manufacturing bikes, all-terrain autos (ATVs), Jet Skis, utility autos, and different motorized merchandise.
KME is chargeable for the distribution, gross sales, and advertising and marketing of Kawasaki’s bike merchandise within the European market, working an intensive community of licensed dealerships and customer support facilities throughout the continent.
The corporate says that its IT employees collaborated with exterior cybersecurity specialists following the assault, checking servers one after the other earlier than they linked them again into the company community.
KME estimates that by the beginning of subsequent week, 90% of its server infrastructure may have been restored.
All the things that issues enterprise operations, together with dealerships, third-party suppliers, and logistics operations, just isn’t impacted.
RansomHub claims the assault
Kawasaki’s announcement comes because the RansomHub ransomware gang claimed accountability for the assault on the corporate.
The risk group added the corporate to its extortion portal on the darkish internet on September 5, 2024, claiming the theft of 487 GB of knowledge from Kawasaki’s networks.
The timer is about to run out tomorrow, and if the risk actors’ calls for aren’t glad, they threaten to publish all stolen knowledge by that time.
It’s unclear if RansomHub holds buyer knowledge within the stolen recordsdata, however this situation can’t be dominated out at this level.
BleepingComputer contacted Kawasaki each when RansomHub introduced them as victims and once more right now, however each our requests for a remark have gone unanswered.
RansomHub has turn out to be prolific because the BlackCat/ALPHV ransomware operation shut down, with lots of its associates transferring to the newer ransomware-as-a-service program.
With the inflow of expert associates, RansomHub has seen a surge in profitable assaults, together with these in opposition to a division of Ceremony Support, Frontier, Deliberate Parenthood, Halliburton, Christie’s,
Final month, a joint advisory between the FBI, CISA, and the Division of Well being and Human Companies (HHS) reported that RansomHub breached 210 victims from a variety of important U.S. infrastructure sectors because it launched in February.