Yamaha Motor Philippines, a subsidiary of the Japanese powerhouse manufacturer, suffered a ransomware attack in late October this year, the company confirmed.
Soon after the incident, a hacking group took responsibility for the attack and leaked some of the data allegedly stolen in the attack.
The breach was first detected on October 25, the company added, claiming that it only affected a single server, and that its headquarters, as well as all other subsidiaries, were unaffected by the attack. The incident was since reported to the police in the Philippines, and an investigation is underway.
Data leaks online
“Yamaha Motor announces that one of the servers managed by its motorcycle manufacturing and sales subsidiary in the Philippines, Yamaha Motor Philippines, Inc., was accessed without authorization by a third party and hit by a ransomware attack, and a partial leakage of employees’ personal information stored by the company was confirmed,” the company said in a press release.
“Upon learning of the attack, the IT Center at Yamaha Motor headquarters in Japan and YMPH immediately set up a countermeasures team and have been working to prevent further damage while investigating the scope of the impacts, etc., as well as working on a recovery together with an external internet security company, but we expect it will be some time until the full extent of the damage can be confirmed.”
While the company did not discuss the identity of the attackers, a group going by the name INC Ransom claimed responsibility for the attack and leaked data alleging it came from the breach, BleepingComputer has found.
The company was added to INC Ransom’s data leak site on November 15, and since then, a total of 37GB of data has been posted. Some of the data, the media said, include employee ID information, backup files, as well as corporate and sales information.