Yamaha Ransomware Attack: Employees Personal Information Exposed

A ransomware attack targeted Yamaha Motor Co., Ltd., resulting in a partial disclosure of the personal information maintained by the company.

Notably, a third party gained unauthorized access to one of the servers run by Yamaha Motor Philippines, Inc. (YMPH), its motorcycle manufacturing and sales division in the Philippines.

“Yamaha Motor Philippines, Inc. (YMPH) was accessed without authorization by a third party and hit by a ransomware attack, and a partial leakage of employees’ personal information stored by the company was confirmed,” the company said.

Upon learning of the attack, the company promptly established a countermeasures team, and they have been attempting to stop additional harm while assessing the extent of the effects.

Overview of the Ransomware Attack

On October 25, it was confirmed that YMPH was the target of a ransomware attack. The business filed a report with the Philippine authorities.

On November 16, it became clear that certain employees’ personal information kept by YMPH had been compromised.

Document
Free Webinar

Live API Attack Simulation Webinar

In the upcoming webinar, Karthik Krishnamoorthy, CTO and Vivek Gopalan, VP of Products at Indusface demonstrate how APIs could be hacked. The session will cover: an exploit of OWASP API Top 10 vulnerability, a brute force account take-over (ATO) attack on API, a DDoS attack on an API, how a WAAP could bolster security over an API gateway

“The attack was limited to one of the servers managed by YMPH and we have confirmed that it has not affected the headquarters or any other companies in the Yamaha Motor group,” the company said.

The company stated that the YMPH’s servers and systems that were unaffected by the attack have now been restored.

The attack has been linked to the ransomware group INC Ransom, which also claims to have exposed data taken from the Yamaha Motor Philippines network. Yamaha, in particular, has not linked the attack to any particular group.

The Inc. ransomware is a multi-extortion scheme that steals victims’ data and threatens to post it online if the victim doesn’t pay up.

After gaining access, they enter the network from several directions and gather and download private files for use as leverage in ransomware attacks. 

The company keeps a close eye on the situation and works as fast as possible to fully restore the YMPH systems that were compromised in the attack.

Experience how StorageGuard eliminates the security blind spots in your storage systems by trying a 14-day free trial.

Balaji

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Recent Posts

Nearest Neighbor Attacks: Russian APT Hack The Target By Exploiting Nearby Wi-Fi Networks

Recent research has revealed that a Russian advanced persistent threat (APT) group, tracked as "GruesomeLarch"…

1 day ago

240+ Domains Used By PhaaS Platform ONNX Seized by Microsoft

Microsoft's Digital Crimes Unit (DCU) has disrupted a significant phishing-as-a-service (PhaaS) operation run by Egypt-based…

2 days ago

Russian TAG-110 Hacked 60+ Users With HTML Loaded & Python Backdoor

The Russian threat group TAG-110, linked to BlueDelta (APT28), is actively targeting organizations in Central…

2 days ago

Earth Kasha Upgraded Their Arsenal With New Tactics To Attack Organizations

Earth Kasha, a threat actor linked to APT10, has expanded its targeting scope to India,…

2 days ago

Raspberry Robin Employs TOR Network For C2 Servers Communication

Raspberry Robin, a stealthy malware discovered in 2021, leverages advanced obfuscation techniques to evade detection…

2 days ago

145,000 ICS Systems, Thousands of HMIs Exposed to Cyber Attacks

Critical infrastructure, the lifeblood of modern society, is under increasing threat as a new report…

2 days ago