Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Ransomware Gang Threatens to Leak Files Stolen From Tire Giant Bridgestone

A well-known ransomware group is threatening to leak files stolen from tire and rubber giant Bridgestone Americas.

A well-known ransomware group is threatening to leak files stolen from tire and rubber giant Bridgestone Americas.

The cyberattack came to light in late February. Bridgestone at the time decided to disconnect many of its manufacturing and retreading facilities in the Americas from its network, which led to some plant operations getting shut down and employees being sent home. The company has 50 production facilities and 55,000 employees.

A cybercrime gang that has been using the LockBit 2.0 ransomware has taken credit for the attack on Bridgestone and is now threatening to make public “all available data.” At the time of writing, the timer on the group’s website shows that the company has less than two days to pay a ransom and avoid a data leak.

Bridgestone hacked by LockBit 2.0

Nashville, Tennessee-based Bridgestone discovered the breach on February 27. It has now confirmed that ransomware was involved and that data from “a limited number” of systems has been stolen.

Law enforcement has been notified and Accenture Security has been called in to assist with the investigation.

It’s unclear how much money the hackers are hoping to make, but they are known to demand tens of millions of dollars from big companies.

The LockBit 2.0 gang has taken credit for several high-profile attacks over the past months, including one that targeted Accenture. The cybercriminals published thousands of files allegedly stolen from the consulting giant.

The group recently also claimed to have breached systems belonging to France’s Ministry of Justice. The files allegedly belonging to the Ministry of Justice have also been made public.

Advertisement. Scroll to continue reading.

In an alert issued in February, the FBI warned organizations about LockBit 2.0 attacks. The agency has provided indicators of compromise (IoC) and other technical details to help companies detect and prevent attacks.

Related: Ransomware Operators Leak Data Stolen From Wind Turbine Giant Vestas

Related: University Project Cataloged 1,100 Ransomware Attacks on Critical Infrastructure

Related: Swissport Investigating Ransomware Group’s Data Leak Claims

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Ransomware

A SaaS ransomware attack against a company’s Sharepoint Online was done without using a compromised endpoint.

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.