Now on Demand: Zero Trust Strategies Summit - Access All Sessions
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Ransomware

Ransomware Group Leaks Data Allegedly Stolen From Kawasaki Motors

The RansomHub ransomware gang has published 487 gigabytes of data allegedly stolen from Kawasaki Motors Europe’s systems.

The RansomHub ransomware group has released 487 gigabytes of data it allegedly stole from motorcycles manufacturer Kawasaki Motors Europe (KME).

The company disclosed the incident last week, informing customers that it was recovering from an early-September cyberattack that was not successful.

As a precautionary measure, the company said, servers were temporarily isolated and a cleansing process was initiated to check all data and deal with any potential infection.

“The KME IT department, IT staff at its branches, plus external cyber security advisors spent the following week isolating and health-checking all servers and restoring their interconnectivity,” KME said.

The company says it managed to restore over 90% of server functionality and to resume normal business “in respect of dealers, business administration, and third-party suppliers such as logistics companies”.

While the motorcycle maker did not say what type of cyberattack it fell victim to, the RansomHub ransomware gang had already added Kawasaki to its Tor-based leak site by the time the official incident notice was published.

The group claimed to have exfiltrated 487 Gb of data from KME and threatened to release the allegedly stolen information publicly unless a ransom was paid.

Over the weekend, due to the failed extortion attempt, RansomHub followed through with its threat, and the data was published.

Advertisement. Scroll to continue reading.

SecurityWeek has emailed KME for a statement on RansomHub leaking the data and will update this article when a reply arrives.

A division of Japanese manufacturer Kawasaki Heavy Industries, KME sells motorcycles, utility vehicles, powersport industry products, parts, accessories, and gear.

Active since February 2024, the RansomHub ransomware gang had made over 210 victims by the end of August, the US government said in a joint advisory late last month. However, not all of the victims are listed on the group’s Tor-based site.

Related: Data Stolen in Ransomware Attack That Hit Seattle Airport

Related: How to Improve Mean Time to Detect for Ransomware

Related: Nikkei Says Customer Data Likely Impacted in Ransomware Attack

Related: Leaks Show Conti Ransomware Group Working on Firmware Exploits

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join SecurityWeek and Hitachi Vantara for this this webinar to gain valuable insights and actionable steps to enhance your organization's data security and resilience.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

Former Darktrace CEO Poppy Gustafsson has joined the UK government as Minister for Investment.

Nupur Goyal has joined cloud identity security and management solutions provider Saviynt as VP of Product Marketing.

Threat intelligence firm Intel 471 has appointed Mark Huebeler as its COO and CFO.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.