Kurita America Inc. (KAI), the North American subsidiary of Tokyo-based Kurita Water Industries Ltd., has confirmed it was the victim of a ransomware attack that compromised multiple servers and potentially leaked sensitive data.
The attack was detected on Friday, November 29, 2024, and has raised concerns worldwide among customers and business partners.
KAI’s security monitoring system flagged the unauthorized access at approximately 3 p.m. on November 29. Upon investigation, the presence of ransomware, which had encrypted data on multiple servers, was confirmed.
The company promptly disconnected the compromised servers from the network to mitigate further damage.
Leveraging 2024 MITRE ATT&CK Results for SME & MSP Cybersecurity Leaders – Attend Free Webinar
In a statement issued by Kurita Water Industries Ltd., headquartered in Nakano-ku, Tokyo, the company expressed deep regret over the incident, apologizing for the concern and inconvenience caused to its stakeholders.
The company acknowledged that some data stored on KAI’s servers might have been exposed to third parties.
This includes sensitive information belonging to customers, business partners, and employees. Details on the extent of the breach or the specific nature of the data affected remain under investigation.
Thanks to quick containment efforts and external cybersecurity expertise, KAI has successfully restored its main servers.
Business operations have reportedly not been disrupted. Moving forward, an in-depth investigation into the incident’s root cause will continue, with further emphasis on enhancing security measures across the entire Kurita Group.
Kurita Water Industries reaffirmed its commitment to minimizing the impact on affected parties and strengthening its global information security infrastructure to prevent future incidents.
This incident underscores the growing vulnerability of critical industries to ransomware attacks. Companies in essential sectors, such as water treatment, increasingly face cyber threats that not only disrupt operations but also risk sensitive data exposure.
Experts urge such organizations to adopt stronger cybersecurity frameworks to counter these evolving dangers.
Investigate Real-World Malicious Links,Malware & Phishing Attacks With ANY.RUN - Try for Free
Amazon Web Services (AWS) has issued a critical security advisory highlighting vulnerabilities in specific versions…
Rockstar2FA is a PaaS kit that mimics the legitimate credential-request behavior of cloud/SaaS platforms. Phishing…
A Russian software developer, aided by the National Technology Initiative, has introduced a groundbreaking AI…
A serious security flaw has been identified in Ivanti Connect Secure, designated as CVE-2025-0282, which enables…
Let’s Encrypt has announced plans to introduce six-day certificate options and support for IP address…
As a dedicated bug bounty hunter with an enviable track record on BugCrowd, Abdullah Nawaf, Full…