Published on: September 17, 2024
Japanese automotive manufacturer Kawasaki has confirmed that its European offices were hit by a cyberattack, leading to various operational disruptions over the past week as it works towards full recovery.
A notorious ransomware group, RansomHub, claimed responsibility for attacking the company. The threat group added Kawasaki to its dark web extortion portal on Sept. 5 and claimed in a post there that it had stolen 487 gigabytes of data from Kawasaki Motors Europe.
Kawasaki Motors Europe (KME) oversees the distribution, sales, and marketing of Kawasaki’s motorcycle products throughout the European market. It manages a wide network of authorized dealerships and customer service centers across the continent.
RansomHub set a countdown timer, too, warning that it will release all stolen data if their demands are not fulfilled by the deadline. The group didn’t reveal any details about the exact nature of the compromised data, so there is concern that customer information may be among the stolen files.
Kawasaki didn’t respond to requests for comment regarding the incident at the time.
A week later, Kawasaki released a statement acknowledging that it was “the subject of a cyberattack” that was ultimately unsuccessful but “resulted in the company’s servers being temporarily isolated until a strategic recovery plan was initiated later on the same day.”
“[Kawasaki Motors Europe] and its country Branches operate a large number of servers and, as a precaution, it was decided to isolate each one and put a cleansing process in place whereby all data was checked and any suspicious material identified and dealt with,” the company said.
Kawasaki stated that the IT department at its European office, along with external cybersecurity advisors, “spent the following week isolating and health-checking all servers and restoring their interconnectivity.”
The company added that business activities involving motor vehicle dealers and third-party suppliers have resumed.