BRP Suspends Operations Following Ransomware Attack

October 31, 2022

INCIDENT

The Quebec-based company, which makes snowmobiles, personal watercraft and all-terrain vehicles, said it had been the target of “malicious computer activity” and had taken “immediate steps to contain the situation.” BRP (formerly Bombardier Recreational Products) said it has hired cybersecurity experts to help secure its systems and support an internal investigation. Suspending operations could delay some transactions with customers and vendors, BRP said.

BRP provided an update on the situation on August 15: "The Company confirms that the malware infiltration came through a third-party service provider. BRP believes that the impact of the cyberattack was limited to its internal systems." "The evidence collected so far allows BRP to believe that the impact of this incident from a data privacy perspective should be limited. "

Incident Date

August 8, 2022

Location

Austria
Canada
Finland
United States

Estimated Cost

7 days Production & Operations shutdown, data leaked on the web

Victims

Bombardier Recreational Products (BRP)

Type of Malware

RansomEXX

Threat Source

No threat source identified

References

Industries

Automotive

Impacts

OT IT