Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Ransomware

Ransomware Group Leaks Data Allegedly Stolen From Kawasaki Motors

The RansomHub ransomware gang has published 487 gigabytes of data allegedly stolen from Kawasaki Motors Europe’s systems.

The RansomHub ransomware group has released 487 gigabytes of data it allegedly stole from motorcycles manufacturer Kawasaki Motors Europe (KME).

The company disclosed the incident last week, informing customers that it was recovering from an early-September cyberattack that was not successful.

As a precautionary measure, the company said, servers were temporarily isolated and a cleansing process was initiated to check all data and deal with any potential infection.

“The KME IT department, IT staff at its branches, plus external cyber security advisors spent the following week isolating and health-checking all servers and restoring their interconnectivity,” KME said.

The company says it managed to restore over 90% of server functionality and to resume normal business “in respect of dealers, business administration, and third-party suppliers such as logistics companies”.

While the motorcycle maker did not say what type of cyberattack it fell victim to, the RansomHub ransomware gang had already added Kawasaki to its Tor-based leak site by the time the official incident notice was published.

The group claimed to have exfiltrated 487 Gb of data from KME and threatened to release the allegedly stolen information publicly unless a ransom was paid.

Over the weekend, due to the failed extortion attempt, RansomHub followed through with its threat, and the data was published.

Advertisement. Scroll to continue reading.

SecurityWeek has emailed KME for a statement on RansomHub leaking the data and will update this article when a reply arrives.

A division of Japanese manufacturer Kawasaki Heavy Industries, KME sells motorcycles, utility vehicles, powersport industry products, parts, accessories, and gear.

Active since February 2024, the RansomHub ransomware gang had made over 210 victims by the end of August, the US government said in a joint advisory late last month. However, not all of the victims are listed on the group’s Tor-based site.

Related: Data Stolen in Ransomware Attack That Hit Seattle Airport

Related: How to Improve Mean Time to Detect for Ransomware

Related: Nikkei Says Customer Data Likely Impacted in Ransomware Attack

Related: Leaks Show Conti Ransomware Group Working on Firmware Exploits

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

People on the Move

Software giant Atlassian has named David Cross as its new CISO.

Dan Pagel has been named the new CEO of risk management and remediation firm Brinqa.

The City of Phoenix has promoted Mitch Kohlbecker to the role of Chief Information Security Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.