The threat actors that breached Nidec Corporation earlier in 2024 leaked the data they stole in the attack on the dark web, the company has confirmed.
In its announcement, the company explained a threat actor stole valid VPN account information from a Nidec employee, and used it to access a server holding sensitive information.
It is important to note here that this was not a full-blown ransomware attack – no systems were encrypted during the attack. Instead, the threat actor just stole as many files as they could, and bolted.
8BASE and Everest
Nidec Corporation is a Japanese multinational company specializing in electric motor technology, producing a wide range of motors for applications such as automotive, industrial, and home appliances.
In early June 2024, one of its subsidiaries – Nidec Precision – suffered a cyberattack.
Nidec Precision focuses on the design and manufacturing of precision components, particularly in the areas of robotics, electronics, and industrial automation. This company is based in Vietnam.
Among the information stolen in the attack are 50,694 files, including internal documents, letters from business partners, documents related to green procurement, labor safety and health policies, business documents (purchase orders, invoices, receipts), contracts, and more.
Roughly two weeks after the incident, a ransomware threat actor named 8BASE claimed responsibility for the attack. The group said the organization had not disclosed the full scope of compromised data, and that it held a “huge amount” of confidential files. A month later, another threat actor, called Everest, leaked the stolen data.
According to BleepingComputer, Everest is a threat actor that specializes in extortion negotiations, so it’s safe to assume that 8BASE handed the job to Everest, once its efforts proved futile. Ultimately, no malicious actors managed to convince Nidec to pay up.
Via BleepingComputer
More from TechRadar Pro
https://cdn.mos.cms.futurecdn.net/mX3W9KraGSUsScvjwiRudM-1200-80.jpg
Source link
