The RansomHub ransomware group has released 487 gigabytes of data it allegedly stole from motorcycles manufacturer Kawasaki Motors Europe (KME).
The company disclosed the incident last week, informing customers that it was recovering from an early-September cyberattack that was not successful.
As a precautionary measure, the company said, servers were temporarily isolated and a cleansing process was initiated to check all data and deal with any potential infection.
“The KME IT department, IT staff at its branches, plus external cyber security advisors spent the following week isolating and health-checking all servers and restoring their interconnectivity,” KME said.
The company says it managed to restore over 90% of server functionality and to resume normal business “in respect of dealers, business administration, and third-party suppliers such as logistics companies”.
While the motorcycle maker did not say what type of cyberattack it fell victim to, the RansomHub ransomware gang had already added Kawasaki to its Tor-based leak site by the time the official incident notice was published.
The group claimed to have exfiltrated 487 Gb of data from KME and threatened to release the allegedly stolen information publicly unless a ransom was paid.
Over the weekend, due to the failed extortion attempt, RansomHub followed through with its threat, and the data was published.
SecurityWeek has emailed KME for a statement on RansomHub leaking the data and will update this article when a reply arrives.
A division of Japanese manufacturer Kawasaki Heavy Industries, KME sells motorcycles, utility vehicles, powersport industry products, parts, accessories, and gear.
Active since February 2024, the RansomHub ransomware gang had made over 210 victims by the end of August, the US government said in a joint advisory late last month. However, not all of the victims are listed on the group’s Tor-based site.
Related: Data Stolen in Ransomware Attack That Hit Seattle Airport
Related: How to Improve Mean Time to Detect for Ransomware
Related: Nikkei Says Customer Data Likely Impacted in Ransomware Attack
Related: Leaks Show Conti Ransomware Group Working on Firmware Exploits