Kawasaki Motors Europe has introduced that it is recovering from a cyberattack that brought about service disruptions because the RansomHub ransomware gang threatens to leak stolen information.
The corporate says the assault focused its EU headquarters, and it’s at present analyzing and cleansing any “suspicious material,” similar to malware, which will nonetheless be lurking on methods.
“At the start of September, Kawasaki Motors Europe (KME) was the subject of a cyber-attack which, although not successful, resulted in the company’s servers being temporarily isolated until a strategic recovery plan was initiated later on the same day,” reads the announcement.
“KME and its country Branches operate a large number of servers and, as a precaution, it was decided to isolate each one and put a cleansing process in place whereby all data was checked and any suspicious material identified and dealt with.”
Kawasaki Motors Europe is a subsidiary of Kawasaki Heavy Industries, Ltd., a world Japanese firm recognized for manufacturing bikes, all-terrain autos (ATVs), Jet Skis, utility autos, and different motorized merchandise.
KME is accountable for the distribution, gross sales, and advertising of Kawasaki’s motorbike merchandise within the European market, working an intensive community of approved dealerships and customer support facilities throughout the continent.
The corporate says that its IT employees collaborated with exterior cybersecurity consultants following the assault, checking servers one after the other earlier than they linked them again into the company community.
KME estimates that by the beginning of subsequent week, 90% of its server infrastructure may have been restored.
Every part that considerations enterprise operations, together with dealerships, third-party suppliers, and logistics operations, shouldn’t be impacted.
RansomHub claims the assault
Kawasaki’s announcement comes because the RansomHub ransomware gang claimed accountability for the assault on the corporate.
The risk group added the corporate to its extortion portal on the darkish internet on September 5, 2024, claiming the theft of 487 GB of knowledge from Kawasaki’s networks.
The timer is ready to run out tomorrow, and if the risk actors’ calls for aren’t glad, they threaten to publish all stolen information by that time.
It’s unclear if RansomHub holds buyer information within the stolen recordsdata, however this situation can’t be dominated out at this level.
BleepingComputer contacted Kawasaki each when RansomHub introduced them as victims and once more right now, however each our requests for a remark have gone unanswered.
RansomHub has turn into prolific because the BlackCat/ALPHV ransomware operation shut down, with a lot of its associates transferring to the newer ransomware-as-a-service program.
With the inflow of expert associates, RansomHub has seen a surge in profitable assaults, together with these towards a division of Ceremony Help, Frontier, Deliberate Parenthood, Halliburton, Christie’s,Â
Final month, a joint advisory between the FBI, CISA, and the Division of Well being and Human Companies (HHS) reported that RansomHub breached 210 victims from a variety of essential U.S. infrastructure sectors because it launched in February.