Connect with us

Hi, what are you looking for?



Japan Aviation Electronics Targeted in Ransomware Attack

Japan Aviation Electronics confirms cyberattack as Alphv/BlackCat ransomware group publishes allegedly stolen data.

Japanese electronics manufacturer Japan Aviation Electronics Industry is recovering from a cyberattack for which the Alphv/BlackCat ransomware group has claimed responsibility.

Founded in 1953 and headquartered in Shibuya, Tokyo, Japan Aviation Electronics manufactures electrical connectors, aerospace electronics, and user interface related devices.

The incident, the company said in a notice on its website, occurred on November 2 and involved some of its servers being accessed by an unauthorized external party.

The company said it immediately suspended some of the impacted systems and that it has been assessing the impact of the attack and restoring operations.

The disruption, Japan Aviation Electronics noted, resulted in “some delays in sending and receiving emails”.

“No information leakage has been confirmed to date,” the manufacturing giant also noted.

While Japan Aviation Electronics has not found evidence of data exfiltration, the Alphv/BlackCat ransomware gang claims to have stolen roughly 150,000 documents from the company, including blueprints, contracts, confidential messages, and reports.

Alphv/BlackCat has added Japan Aviation Electronics to its leak website on the Tor network, posting screenshots of documents allegedly stolen from the manufacturer.

Advertisement. Scroll to continue reading.

The first ransomware family to be written in Rust, Alphv/BlackCat has been active since November 2021, operating under the ransomware-as-a-service (RaaS) business model and likely linked to the Darkside/Blackmatter ransomware gang.

The Alphv/BlackCat group is known for exfiltrating victim data for extortion, deploying file-encrypting ransomware, and engaging various extortion tactics, including distributed denial-of-service (DDoS) attacks, and the harassment of victims’ customers and employees.

In June and May 2023, the gang claimed responsibility for a February 2023 cyberattack against Reddit and for intrusions at Canadian software company Constellation Software and at Western Digital.

Related: Ransomware Gang Leaks Data Allegedly Stolen From Canadian Hospitals

Related: American Airlines Pilot Union Recovering After Ransomware Attack

Related: Mortgage Giant Mr. Cooper Shuts Down Systems Following Cyberattack

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join us as we delve into the transformative potential of AI, predictive ChatGPT-like tools and automation to detect and defend against cyberattacks.


As cybersecurity breaches and incidents escalate, the cyber insurance ecosystem is undergoing rapid and transformational change.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


A SaaS ransomware attack against a company’s Sharepoint Online was done without using a compromised endpoint.


Several major organizations are confirming impact from the latest zero-day exploits hitting Fortra's GoAnywhere software.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Data Breaches

KFC and Taco Bell parent company Yum Brands says personal information was compromised in a January 2023 ransomware attack.


US payments giant NCR has confirmed being targeted in a ransomware attack for which the BlackCat/Alphv group has taken credit.

Malware & Threats

Unpatched and unprotected VMware ESXi servers worldwide have been targeted in a ransomware attack exploiting a vulnerability patched in 2021.