Introduction
In August 2024 [1] [2] [4] [6], Nidec Corporation [2] [3], a prominent Japanese electric motor manufacturer [1], faced a significant cybersecurity incident when its Vietnam-based subsidiary, Nidec Precision (NPCV) [1] [2] [3] [4], was targeted by a ransomware attack [3]. This breach, attributed to the 8Base ransomware group, highlighted vulnerabilities in the company’s cybersecurity framework and underscored the importance of robust security measures.
Description
In August 2024 [1] [2] [4] [6], Nidec Corporation [2] [3], a Japan-based electric motor manufacturer [1], confirmed a ransomware attack that targeted its Vietnam-based subsidiary [4], Nidec Precision (NPCV) [1] [2] [3] [4]. The attack, claimed by the 8Base ransomware group, resulted in the exfiltration of over 50,000 sensitive files, including invoices [2], receipts [2], accounting documents [2], internal materials related to green procurement [1], health and safety policies [1], and business contracts [5]. The breach occurred when threat actors accessed NPCV’s systems using stolen credentials for a general domain account [2], allowing them to view authorized files on the server.
Following Nidec’s refusal to comply with the ransom demands, the attackers published the stolen documents on a Tor-based leak site [1]. Additionally, on August 8, 2024 [2] [4], the Everest ransomware group listed Nidec [1], releasing data that allegedly belonged to the company. It remains unclear whether this was a separate incident or a re-publication of the previously stolen data [2]. Although the incident was not classified as a ransomware attack since no systems were encrypted [3], it underscored vulnerabilities within Nidec’s cybersecurity framework.
In response to the breach, Nidec and its subsidiaries conducted a thorough investigation [1], which included scanning devices, reviewing server access rights [1] [2], changing passwords [1] [6], and suspending the use of the VPN application believed to have been exploited during the attack [1]. Nidec stated that the compromised information was not likely to cause secondary economic damage [1], and there was no evidence of malicious use of the stolen data [1]. While the data breach is not expected to have severe financial repercussions [6], it serves as a critical reminder for organizations about the importance of cybersecurity preparedness and the need for robust security measures to protect sensitive information. Nidec has also cautioned employees and associates to remain vigilant against potential phishing attacks following the incident.
Conclusion
The ransomware attack on Nidec Corporation’s subsidiary serves as a stark reminder of the persistent threats faced by organizations in the digital age. Despite the lack of immediate financial damage, the incident exposed significant vulnerabilities in Nidec’s cybersecurity infrastructure. The company’s proactive response, including a comprehensive investigation and enhanced security measures, highlights the importance of preparedness and vigilance. Moving forward, organizations must prioritize cybersecurity to safeguard sensitive information and mitigate potential risks associated with cyber threats.
References
[1] https://ciso2ciso.com/electric-motor-giant-nidec-confirms-data-stolen-in-ransomware-attack-source-www-securityweek-com/
[2] https://www.cyberdaily.au/security/11262-japanese-tech-giant-nidec-confirms-8base-data-breach-company-data-published
[3] https://www.techradar.com/pro/security/nidec-confirms-ransomware-attack-leaked-company-data-online
[4] https://www.infosecurity-magazine.com/news/nidec-ransomware-attack-expose/
[5] https://www.businessinsurance.com/japanese-tech-giant-suffers-data-breach/
[6] https://thenimblenerd.com/article/nidecs-ransomware-roulette-when-cybersecurity-takes-a-spin/