Kawasaki Motors Europe (KME) recently released a statement confirming it was the victim of a cyber attack. The attack caused significant service disruptions as the cybercriminals threatened to release stolen data. KME confirmed,
“At the start of September, Kawasaki Motors Europe (KME) was the subject of a cyberattack which, although not successful, resulted in the company’s servers being temporarily isolated until a strategic recovery plan was initiated later on the same day.”
Since the attack, notorious Ransomware-as-a-Service (RaaS) group RansomHub has leaked 478GB of data, which it claims belongs to the KME website. Critical business documents like banking records, internal communications, dealership details, and financial information were exposed.
Big hitters
The exposed data was posted on the gang’s extortion site on the dark web, which suggests that KME refused to pay the ransom demanded by the group.
RansomHub has risen to prominence since its conception in February of 2024, as it has become one of the most prolific RaaS groups, claiming 75 ransom attacks in Q2 of 2024. Amongst its victims are high level targets like Change Healthcare and Planned Parenthood.
The US Cybersecurity and Infrastructure Agency (CISA) released an advisory warning of the threat actor and its tactics, outlining indicators of compromise (IoC) in an effort to mitigate the risks for potential targets.
Not only is the number of RaaS groups on the rise, but the ransom demands are ballooning, with the average attacker requesting a staggering $1.5 million in return for a company’s own stolen data. This number was just $200,000 in 2023, which points to the power of ransomware groups and the damage they can cause to an organization.
Via CyberNews