Dynamo Software hit by Ransomware Attack

April 27, 2024

Dynamo detected suspicious activity on its US-based servers which was determined to be a ransomware attack. Dynamo states that it took its systems offline while the
suspicious activity was investigated, and systems were restored.

read more

Ransomware Attack at Dutch Eurotrol B.V.

June 13, 2024

Eurotrol B.V. recently fell victim to a ransomware attack by the BlackSuit group. The ransomware encrypted files on Eurotrol’s systems, appending the .blacksuit extension and leaving a ransom note named README.BlackSuit.txt. The note directed Eurotrol to a Tor chat site for further communication with the attackers.

read more

AMD Investigates Potential Cyberattack by IntelBroker

June 19, 2024

AMD is investigating whether it suffered a cyberattack after a threat actor put allegedly stolen data up for sale on a hacking forum, claiming it contains AMD employee information, financial documents, and confidential information. “We are aware of a cybercriminal organization claiming to be in possession of stolen AMD data,” AMD told BleepingComputer in a statement.

The threat actor, IntelBroker, shared screenshots of some of the supposedly stolen AMD credentials but has yet to disclose how much they are selling it for or how it was obtained.

read more

Nearly All Systems Offline for Weeks at Global Forklift Manufacturer

June 8, 2024

Crown Equipment Corporation, the world’s fourth largest forklift manufacturer, has resumed global manufacturing after a cyberattack that took nearly all of its systems offline for several weeks. Since June 8 the company faced significant operational disruption. On July 4 Crown says its 24 global manufacturing plants were back in operation after being suspended on June 10.

Crown confirmed that the multi-week operations disruption resulted from a social engineering attack by an international cybercrime group.

read more

Cyberattack at Tool Maker M.A. Ford Manufacturing

December 14, 2023

Tool maker, M.A. Ford Manufacturing Company, Inc. suffered a cyberattack over a two-day period at the end of last year, but did not discover it until May.
The incident affected 4,359 with information such as financial account number or credit/debit card number (in combination with security code, access code, password or PIN for the account) falling into the hands of the attackers.
“On December 14, 2023, we discovered unusual activity on our network,” the company said in an advisory. “We immediately began an investigation, which included working with third-party specialists. Our investigation determined an unknown party accessed portions of our network between December 12, 2023 and December 14, 2023. Therefore, we conducted a review of our network to determine the type of information contained therein and to whom the information related.”

read more

Key Tronics Shut Down in Ransomware Attack

May 6, 2024

Key Tronic confirms that personal information was compromised after a ransomware group leaked allegedly stolen data. The cybersecurity incident caused widespread operational disruptions. As a precautionary measure, the company suspended operations in the US and Mexico for two weeks, with no disruption to other international operations.

The Black Basta ransomware gang leaked 530GB of the company’s stolen data.

read more

Ransomware Attack at Schuette

April 18, 2024

Metal fabricator, Schuette Inc., fell victim to a ransomware attack in April and is now in the process of notifying its customers.
“On or around April 18, 2024, Schuette became aware of certain unauthorized activity within its computer systems,” the Rothschild, Wisconsin-based company said in a filing. “Upon discovery, we immediately secured the network and swiftly engaged a third-party team of forensic investigators in order to determine the full nature and scope of the incident. On May 14, 2024, following a thorough investigation, we discovered that a limited amount of personal information may have been accessed by an unauthorized third party in connection with this incident.
“At this time, there is no indication that any information has been misused. However, we are providing this notification to you out of an abundance of caution and so that you may take steps to safeguard your information if you feel it is necessary to do so,” the company said.
In the filing, Schuette described the breach as a ransomware attack affecting 1,122 people.

read more

Cyberattack at Phillips Screw Company

December 11, 2023

Amesbury, Massachusetts-based The Phillips Screw Company suffered a “sophisticated” cyberattack that disrupted its day-to-day operations.
The breach occurred December 11 last year, but ended up discovered by the company May 10.
“The Phillips Screw Company detected a sophisticated cybersecurity incident that impacted our network on December 18, 2023,” the company said in a filing. “Due to this incident, we experienced limited disruption to our day-to-day operations and worked as quickly as possible to remediate and resume full business functionality. In doing so, we took immediate steps to mitigate the threat, including taking certain systems offline.”
The company said the threat actor was able to gain access and stayed on the system from Dec. 11 through Dec. 18.

read more

Attack Shuts Down Production at Lens Maker Hoya

March 30, 2024

Production of several of Hoya Corp.’s products shut down after a system failure, which was most likely the result of “unauthorized access” to its servers, company officials said Thursday.
Japanese lens maker Hoya said the company discovered a system discrepancy in one of its overseas offices Saturday and confirmed the disruption despite its efforts to isolate affected servers.
“The day before yesterday (March 30), we learned that the Group’s head quarter and several of its business divisions have experienced an IT system incident,” the company said in a statement they issued Monday. “The Company will work closely with each of its business divisions and sites, as well as with outside experts, to identify the nature and scope of the incident and to restore the situation as soon as possible.”

read more

Acer Confirms Employee Data on Hacker Platform

March 12, 2024

Acer Philippines confirmed that employee data was stolen in an attack on a third-party vendor who manages the company’s employee attendance data. “Earlier today a threat actor known as ‘ph1ns’ published a link to download a stolen database containing Acer employee data for free on a hacking forum.”

read more