November 20, 2023 at 07:45AM
Personal information of employees was stolen in a ransomware attack on Yamaha Motor’s subsidiary in the Philippines. The attack occurred on October 25, affecting one server managed by Yamaha Motor Philippines. The company immediately set up a countermeasures team and restored unaffected servers. The INC Ransom gang claimed responsibility for the attack. They are known for targeting organizations across industries by exploiting vulnerabilities. Last week, the gang published stolen data from Yamaha Motor Philippines and other organizations.
Meeting Takeaways:
– Yamaha Motor Philippines, a subsidiary of Yamaha Motor, experienced a ransomware attack on October 25.
– The attack targeted one server and resulted in a partial leakage of employees’ personal information.
– Yamaha Motor immediately formed a countermeasures team, took preventive actions, and launched an investigation.
– Investigation results on November 16 confirmed that personal information stored by Yamaha Motor Philippines was compromised.
– The company has restored all servers and systems that were not affected by the attack.
– The headquarters and other companies within the Yamaha Motor group were not impacted.
– The ransomware group responsible for the attack is the INC Ransom gang.
– INC Ransom is an opportunistic group targeting organizations across different industries by exploiting vulnerabilities.
– The group has been observed exploiting the CVE-2023-3519 vulnerability in Citrix NetScaler ADC and Gateway.
– INC Ransom has recently published data stolen from Yamaha Motor Philippines and claimed attacks on multiple organizations.
– The attack on China’s biggest bank and Western Digital’s customer information breach are other related incidents.
– There have been recent ransomware attacks exploiting a Windows zero-day vulnerability called Nokoyawa.