Yamaha Ransomware Attack: Employees Personal Information Exposed

A ransomware attack targeted Yamaha Motor Co., Ltd., resulting in a partial disclosure of the personal information maintained by the company.

Notably, a third party gained unauthorized access to one of the servers run by Yamaha Motor Philippines, Inc. (YMPH), its motorcycle manufacturing and sales division in the Philippines.

“Yamaha Motor Philippines, Inc. (YMPH) was accessed without authorization by a third party and hit by a ransomware attack, and a partial leakage of employees’ personal information stored by the company was confirmed,” the company said.

Upon learning of the attack, the company promptly established a countermeasures team, and they have been attempting to stop additional harm while assessing the extent of the effects.

Overview of the Ransomware Attack

On October 25, it was confirmed that YMPH was the target of a ransomware attack. The business filed a report with the Philippine authorities.

On November 16, it became clear that certain employees’ personal information kept by YMPH had been compromised.

Document
Free Webinar

Live API Attack Simulation Webinar

In the upcoming webinar, Karthik Krishnamoorthy, CTO and Vivek Gopalan, VP of Products at Indusface demonstrate how APIs could be hacked. The session will cover: an exploit of OWASP API Top 10 vulnerability, a brute force account take-over (ATO) attack on API, a DDoS attack on an API, how a WAAP could bolster security over an API gateway

“The attack was limited to one of the servers managed by YMPH and we have confirmed that it has not affected the headquarters or any other companies in the Yamaha Motor group,” the company said.

The company stated that the YMPH’s servers and systems that were unaffected by the attack have now been restored.

The attack has been linked to the ransomware group INC Ransom, which also claims to have exposed data taken from the Yamaha Motor Philippines network. Yamaha, in particular, has not linked the attack to any particular group.

The Inc. ransomware is a multi-extortion scheme that steals victims’ data and threatens to post it online if the victim doesn’t pay up.

After gaining access, they enter the network from several directions and gather and download private files for use as leverage in ransomware attacks. 

The company keeps a close eye on the situation and works as fast as possible to fully restore the YMPH systems that were compromised in the attack.

Experience how StorageGuard eliminates the security blind spots in your storage systems by trying a 14-day free trial.

Balaji

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Recent Posts

Evasive Panda Attacking Cloud Services To Steal Data Using New Toolkit

The Evasive Panda group deployed a new C# framework named CloudScout to target a Taiwanese…

5 hours ago

Massive Midnight Blizzard Phishing Attack Using Weaponized RDP Files

Researchers warn of ongoing spear-phishing attacks by Russian threat actor Midnight Blizzard targeting individuals in…

5 hours ago

Sophisticated Phishing Attack Targeting Ukraine Military Sectors

The Ukrainian Cyber Emergency Response Team discovered a targeted phishing campaign launched by UAC-0215 against…

5 hours ago

Chinese Hackers Attacking Microsoft Customers With Sophisticated Password Spray Attacks

Researchers have identified a network of compromised devices, CovertNetwork-1658, used by Chinese threat actors to…

5 hours ago

New Windows Zero-Day Vulnerability Let Attackers Steal Credentials From Victim’s Machine

A security researcher discovered a vulnerability in Windows theme files in the previous year, which…

5 hours ago

SYS01 InfoStealer Malware Attacking Meta Business Page To Steal Logins

The ongoing Meta malvertising campaign, active for over a month, employs an evolving strategy to…

6 hours ago