Kawasaki Motors Europe (KME) has officially confirmed it was the target of a cyberattack in early September, causing temporary disruptions to its operations. The company stated that while the attack was “not successful,” it resulted in the isolation of its servers as a precautionary measure.
In a statement released on September 12, KME explained that its IT department, along with external cybersecurity experts, spent the following week meticulously checking and cleansing all servers before reconnecting them to the corporate network. By the start of this week, over 90% of KME’s server functionality had been restored.
However, the situation took a more serious turn when the notorious ransomware gang RansomHub claimed responsibility for the attack.
Decoding Compliance: What CISOs Need to Know – Join Free Webinar
The threat group added Kawasaki to its dark web extortion portal on September 5, alleging the theft of 487 GB of data from the company’s networks.
RansomHub has set a countdown timer, threatening to publish all stolen data if their demands are not met by the deadline. The nature of the compromised data remains unclear, but the possibility of customer information being involved cannot be ruled out at this stage.
Kawasaki has emphasized that business operations, including dealerships, third-party suppliers, and logistics operations, have not been impacted by the incident.
The company has implemented enhanced monitoring operations and tightened access restrictions to prevent unauthorized access in the future.
This attack on Kawasaki comes amid a surge in RansomHub’s activities. The group has emerged as a prominent player in the cybercrime landscape, particularly following the shutdown of other major ransomware operations like BlackCat/ALPHV.
According to a joint advisory from the FBI, CISA, and the Department of Health and Human Services, RansomHub has breached at least 210 victims across various critical U.S. infrastructure sectors since its launch in February.
As the investigation continues, Kawasaki has not yet responded to requests for additional comments regarding the RansomHub claims.
Simulating Cyberattack Scenarios With All-in-One Cybersecurity Platform – Watch Free Webinar