CONFERENCE On Demand: Cyber AI & Automation Summit - Watch Now
Connect with us

Hi, what are you looking for?


Data Breaches

Yamaha Motor Confirms Data Breach Following Ransomware Attack

Yamaha Motor discloses ransomware attack impacting the personal information of its Philippines subsidiary’s employees.

The personal information of employees was stolen in a ransomware attack targeting a Philippines subsidiary of Yamaha Motor.

The incident, the Japanese mobility and industrial giant says, occurred on October 25, and only impacted one server managed by Yamaha Motor Philippines, the company’s motorcycle manufacturing and sales subsidiary in the country.

The server, Yamaha Motor says, “was accessed without authorization by a third party and hit by a ransomware attack, and a partial leakage of employees’ personal information stored by the company was confirmed.”

Yamaha says it immediately set up a “countermeasures team”, took steps to prevent further damage, and launched an investigation into the incident. The attack was also reported to the Philippine authorities.

On November 16, the investigation revealed that some personal information stored by Yamaha Motor Philippines was compromised in the attack.

The company says it has restored all Yamaha Motor Philippines servers and systems that were not impacted in the attack. The incident did not affect the headquarters and other companies in the Yamaha Motor group, the motorcycle maker says.

While Yamaha did not name the ransomware group responsible for the attack, the INC Ransom gang has claimed responsibility for the incident.

Active since July 2023, the ransomware group appears opportunistic in nature, targeting organizations in various industries, typically by exploiting vulnerable internet-facing assets.

Advertisement. Scroll to continue reading.

According to SentinelOne, INC Ransom has been observed exploiting CVE-2023-3519, a critical-severity Citrix NetScaler ADC and Gateway vulnerability that came to light in July, when it was exploited as a zero-day by both financially motivated and state-sponsored threat actors.

Last week, INC Ransom published on its leak site data allegedly stolen from Yamaha Motor Philippines, including identification documents, employee ID cards, and various internal documents.

Over the past month, the ransomware gang has claimed hacking into the systems of a dozen organizations, including WellLife Network, Decatur Independent School District, Guardian Alarm, EFU Life Assurance, and Global Export Marketing.

Related: Yellen Says Ransomware Attack on China’s Biggest Bank Minimally Disrupted Treasury Market Trades

Related: Western Digital Confirms Ransomware Group Stole Customer Information

Related: Windows Zero-Day Exploited in Nokoyawa Ransomware Attacks

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join us as we delve into the transformative potential of AI, predictive ChatGPT-like tools and automation to detect and defend against cyberattacks.


As cybersecurity breaches and incidents escalate, the cyber insurance ecosystem is undergoing rapid and transformational change.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


A SaaS ransomware attack against a company’s Sharepoint Online was done without using a compromised endpoint.

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...


Several major organizations are confirming impact from the latest zero-day exploits hitting Fortra's GoAnywhere software.

Data Breaches

A group of hackers has leaked Atlassian employee records and floorplans, information that was obtained from third-party workplace platform Envoy.