Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Breaches

Electric Motor Giant Nidec Confirms Data Stolen in Ransomware Attack

Electric motor manufacturer Nidec confirms business and internal documents were stolen in a ransomware attack.

Japanese electric motor manufacturer Nidec has confirmed that various types of business and internal documents were stolen in an August 2024 ransomware attack.

The incident, the company says, impacted its Vietnam-based subsidiary Nidek Precision (NPCV), and was discovered after the attackers contacted Nidec to demand a ransom payment.

Because the manufacturer did not comply with the extortion demands, the ransomware group published the documents and files allegedly stolen from NPCV on their Tor-based leak site.

The ransomware attack, Nidec says in an incident notice (in Japanese) on its website, was limited to NPCV’s network and was not followed by other intrusions.

According to the company, the threat actors stole a total of 50,694 files from NPCV, including internal documents related to green procurement, health and safety, policies, and transactions, as well as letters from business partners.

Nidec also noted that the intrusion likely occurred after the attackers obtained the credentials for an NPCV general domain account and used them to log in to the server and view files the account was authorized to access.

In response, Nidec and its subsidiaries conducted a thorough investigation, reviewed server access rights, and changed passwords. NPCV also suspended the use of the VPN application believed to have been used as part of the attack.

The company also said that the compromised information could not directly cause secondary economic damage and that it has no evidence that the stolen information has been used maliciously.

Advertisement. Scroll to continue reading.

While Nidec did not name the threat actor that breached NPCV, both the 8base and Everest ransomware groups listed the company on their leak sites this summer, in July and August, respectively. Nidec’s incident notice suggests that Everest was behind the extortion attempt.

Headquartered in Kyoto, Japan, and with approximately 300 subsidiaries worldwide, Nidec manufactures and distributes electric motors used in hard disks, automobile and manufacturing equipment, and electronic appliances.

Related: Volkswagen Says IT Infrastructure Not Affected After Ransomware Gang Claims Data Theft

Related: Safety Equipment Giant Cadre Holdings Hit by Cyberattack

Related: Maryland Lawmaker: Officials Misled on Ransomware Attack

Related: Ransomware Gang Claims to Have Stolen Data From National Rifle Association

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

People on the Move

Karl Triebes has joined Ivanti as Chief Product Officer.

Steven Hernandez has joined USAID as CISO and Deputy CIO.

Data security and privacy firm Protegrity has named Michael Howard as its CEO.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.