Kawasaki Motors Europe has introduced that it is recovering from a cyberattack that precipitated service disruptions because the RansomHub ransomware gang threatens to leak stolen information.
The corporate says the assault focused its EU headquarters, and it’s at present analyzing and cleansing any “suspicious materials,” equivalent to malware, that will nonetheless be lurking on programs.
“In the beginning of September, Kawasaki Motors Europe (KME) was the topic of a cyber-attack which, though not profitable, resulted within the firm’s servers being briefly remoted till a strategic restoration plan was initiated afterward the identical day,” reads the announcement.
“KME and its nation Branches function a lot of servers and, as a precaution, it was determined to isolate every one and put a cleaning course of in place whereby all information was checked and any suspicious materials recognized and handled.”
Kawasaki Motors Europe is a subsidiary of Kawasaki Heavy Industries, Ltd., a world Japanese firm recognized for manufacturing bikes, all-terrain autos (ATVs), Jet Skis, utility autos, and different motorized merchandise.
KME is chargeable for the distribution, gross sales, and advertising and marketing of Kawasaki’s bike merchandise within the European market, working an in depth community of approved dealerships and customer support facilities throughout the continent.
The corporate says that its IT employees collaborated with exterior cybersecurity consultants following the assault, checking servers one after the other earlier than they related them again into the company community.
KME estimates that by the beginning of subsequent week, 90% of its server infrastructure can have been restored.
All the pieces that issues enterprise operations, together with dealerships, third-party suppliers, and logistics operations, will not be impacted.
RansomHub claims the assault
Kawasaki’s announcement comes because the RansomHub ransomware gang claimed duty for the assault on the corporate.
The menace group added the corporate to its extortion portal on the darkish internet on September 5, 2024, claiming the theft of 487 GB of information from Kawasaki’s networks.
The timer is about to run out tomorrow, and if the menace actors’ calls for aren’t happy, they threaten to publish all stolen information by that time.
It’s unclear if RansomHub holds buyer information within the stolen information, however this situation can’t be dominated out at this level.
BleepingComputer contacted Kawasaki each when RansomHub introduced them as victims and once more right now, however each our requests for a remark have gone unanswered.
RansomHub has turn into prolific for the reason that BlackCat/ALPHV ransomware operation shut down, with lots of its associates shifting to the newer ransomware-as-a-service program.
With the inflow of expert associates, RansomHub has seen a surge in profitable assaults, together with these towards a division of Ceremony Help, Frontier, Deliberate Parenthood, Halliburton, Christie’s,
Final month, a joint advisory between the FBI, CISA, and the Division of Well being and Human Companies (HHS) reported that RansomHub breached 210 victims from a variety of essential U.S. infrastructure sectors because it launched in February.