Nidec Corporation is informing that hackers behind a ransomware attack is suffered earlier this year stole data and leaked it on the dark web.
The Japanese tech giant says the threat actors tried to extort the company and decided to leak the information after their demands were not met.
The attack did not encrypt files and the incident is considered fully remediated at this time. However, Nidec employees, contractors, and associates, should be aware that the leaked data could be used in more targeted phishing attacks.
Nidec Corporation is a global leader in the manufacturing of precision motors, automotive components, industrial parts, home appliance parts, and robotic systems.
It operates in 40 countries, employs 120,000 people, and generates an annual revenue of more than $11 billion.
Nidec Precision breach
The cyberattack breached Nidec Precision division based in Vietnam, which specializes in manufacturing optical, electronic, and mechanical equipment for the photography industry.
As per the results of the internal investigation, which is still ongoing, the hackers obtained valid VPN account credentials of a Nidec employee and accessed a server that contained confidential information.
The company closed the entry point and implemented additional security measures, as per recommendations from external cybersecurity experts. Nidec employees are undergoing training on how to minimize such risks.
The investigation also revealed that the attackers stole 50,694 files, including the following:
- Internal documents
- Letters from business partners
- Documents related to green procurement
- Labor safety and health policies (business and supply chain, etc.)
- Business documents (purchase orders, invoices, receipts)
- Contracts
Nidec said that it would notify directly its business partners affected by the incident.
8BASE and Everest gangs claim attacks
The 8BASE ransomware gang claimed an attack on Nidec on June 18, alleging that the data had been stolen from the systems of the Japanese firm on June 3, 2024.
8BASE claimed to be holding much of what Nidec confirmed via its investigation, plus personal data and “a huge mount of confidential information.”
Nidec in July aknowledged a ransomware attack without naming the perpetrators, stating that it was the impacted division was Nidec Instruments.
On August 8, the Everest ransomware group, known for receiving stolen data from other cybercriminals to perform new extortion attempts on victims, published data allegedly stolen from Nidec.
The company states in the latest announcement that the threat actors first made contact on August 5, suggesting that the communication came from the Everest ransomware gang.
Nidec has acknowledged that the data that leaked on the dark web comes from its systems but did not offer any clarification about the threat actors’ claims.
In any case, the company says it does not believe that any of the leaked data could be used to cause direct financial damage to it or its contractors and has not observed unauthorized use of the information.
H/T: @H4ckManac