Malware
Leading Tech Powerhouse Nidec Confirms Data Breach After Devastating Ransomware Attack
Japanese tech giant Nidec has confirmed a data breach following a ransomware attack. The company assures that no customer data was leaked, and production has not been impacted. Experts urge companies to strengthen security measures to mitigate the risk of cyber-attacks.
Imagine waking up one day to find that your personal information has been leaked on the dark web. This is the reality for employees, contractors, and associates of Nidec Corporation, a Japanese tech giant that experienced a ransomware attack earlier this year.
Nidec is a global leader in manufacturing precision motors, automotive components, industrial parts, home appliance parts, and robotic systems. With operations in 40 countries and employing 120,000 people, the company generates an annual revenue of more than $11 billion.
How It All Began: The Nidec Precision Breach
The cyberattack targeted Nidec Precision division based in Vietnam, which specializes in manufacturing optical, electronic, and mechanical equipment for the photography industry. The hackers managed to obtain valid VPN account credentials of a Nidec employee, gaining access to a server containing confidential information.
According to the results of the internal investigation, which is still ongoing, the company closed the entry point and implemented additional security measures as per recommendations from external cybersecurity experts. Nidec employees are undergoing training on how to minimize such risks.
The investigation revealed that the attackers stole 50,694 files, including internal documents, letters from business partners, documents related to green procurement, labor safety and health policies, business documents (purchase orders, invoices, receipts), and contracts.
Nidec has stated that it will notify directly its business partners affected by the incident.
8BASE and Everest Gangs: The Culprits
The 8BASE ransomware gang claimed an attack on Nidec on June 18, alleging that the data had been stolen from the Japanese firm’s systems on June 3, 2024. 8BASE claimed to be holding much of what Nidec confirmed via its investigation, plus personal data and “a huge amount of confidential information.”
Nidec acknowledged a ransomware attack in July without naming the perpetrators, stating that the impacted division was Nidec Instruments.
On August 8, the Everest ransomware group, known for receiving stolen data from other cybercriminals to perform new extortion attempts on victims, published data allegedly stolen from Nidec. The company states in its latest announcement that the threat actors first made contact on August 5, suggesting that the communication came from the Everest ransomware gang.
Nidec has acknowledged that the data leaked on the dark web comes from its systems, but did not offer any clarification about the threat actors’ claims. In any case, the company says it does not believe that any of the leaked data could be used to cause direct financial damage to it or its contractors and has not observed unauthorized use of the information.
What Can You Do?
As a reader, you may wonder, “What can I do to protect myself and my company from such attacks?” The answer is simple: education and vigilance. Staying up-to-date on the latest cybersecurity threats and best practices is crucial in today’s digital world.
That’s where we come in. Our IT Services team is here to help you stay informed and develop strategies to protect your valuable data from cybercriminals. Don’t wait for an attack to happen – take action now and prevent your personal and company information from falling into the wrong hands.
Contact us today to learn more about how we can help you secure your digital assets and ensure a safer online experience for you and your colleagues.