Kawasaki Motors Europe (KME) recently released a statement confirming that it has been the victim of a cyberattack. The attack caused significant disruption to services as cybercriminals threatened to release stolen data. KME confirmed,
“In early September, Kawasaki Motors Europe (KME) was targeted by a cyberattack which, while unsuccessful, resulted in the company’s servers being temporarily isolated until a strategic recovery plan was initiated later that day.”
Since the attack, the notorious Ransomware-as-a-Service (RaaS) group RansomHub has leaked 478GB of data, which they claim belongs to the KME website. Critical business documents such as banking details, internal communications, dealer details, and financial information were exposed.
Big hitters
The exposed data was posted on the gang’s dark web extortion site, indicating that KME refused to pay the ransom demanded by the group.
RansomHub has risen to prominence since its inception in February 2024, becoming one of the most prolific RaaS groups, with 75 ransomware attacks in Q2 2024. Victims include: high goals such as Change Healthcare and Planned Parenthood.
The U.S. Cybersecurity and Infrastructure Agency (CISA) has issued an alert about the threat actor and its tactics, detailing indicators of compromise (IoC) in an effort to mitigate risks to potential targets.
Not only are the number of RaaS groups increasing, but ransom demands are also increasing, with the average attacker with a request for a staggering $1.5 million in exchange for a company’s stolen data. This amount was only $200,000 in 2023, which shows the power of ransomware groups and the damage they can inflict on an organization.
Via CyberNews