October 30, 2022: Blackbyte Group Claims Compromising Precious Metal Manufacturer in HongKong demanding $1.1M
The BlackByte ransomware group claims to have compromised Asahi Group Holdings, a precision metal manufacturing and metal solution provider. The BlackByte ransomware group claims to have stolen gigabytes of documents from Asahi Group Holdings, including financial and sales reports. The ransomware gang is demanding 500k$ to buy data and 600k$ to delete the stolen data.
Meyer Corporation, the largest cookware distributor in the U.S. fell victim to a cyberattack on October 25, 2021. In response, the firm launched an investigation that was concluded on December 1, 2021, revealing that threat actors gained access to personal information belonging to employees of Meyer and its subsidiaries.
BleepingComputer reports finding a relevant listing on the Conti extortion site dating to November 7, 2021. The Meyer entry on Conti's portal offers a ZIP file containing 2% of the data allegedly stolen by the ransomware gang during the cyberattack. However, the notorious ransomware group hasn’t followed up to publish the remainder 98% in the months that followed.
Household products giant Reckitt Benckiser has said last month's malware cyber-attack could lead to a permanent loss of revenue. The attack disrupted manufacturing and ordering systems at the company, whose products include Nurofen and Dettol. Although it had "largely contained" the attack, Reckitt said the disruption meant like-for-like revenue growth in the second quarter would be down 2%. It also said it expected to lose "some further revenue permanently"
German skin care company Beiersdorf said it was a "target" of the cyberattack, which affected its IT and telephone systems. The firm's headquarters in Hamburg, as well as its affiliates around the world, were affected. While Beiersdorf expects sales worth roughly €35 million ($41 million) to be shifted from the second quarter to the third, the company does not expect a material impact on its profits for this year.
French construction giant Saint-Gobain said Thursday, July 13, that it had restored all systems affected by the start of the week after the attack. The company said the attack led to downtime of IT systems and supply chain disruptions and claimed that no personal data had been lost. The NotPetya attack has had a negative impact of €220 million ($258 million) on sales and €65 million ($76 million) on operating income in the first half of 2017. Until the end of the year, total losses are expected to rise to €330 million ($387 million).
January 13, 2020: Ransomware Attack Shuts Down Production at Loom Manufacturer in Belgium
A cyber-attack partially incapacitated operations at West Flemish weaving machine producer Picanol. Large segments of production are at a standstill. The company’s entire production process is managed by computers. Plants in Ieper (Belgium), Romania and China were hit.
April 14, 2022: Sferra Fine Linens Hit in Cyberattack
Attackers were inside textile manufacturer, Sferra Fine Linens, LLC’s network ten days before the company discovered a cyberattack back in April, but just released notification of the incident Friday.
“To date, we have no evidence of actual or attempted misuse of information as a result of this incident,” the company said in a statement. “This event did not impact any of Sferra’s e-commerce platforms or any information retained in our e-commerce systems.”
On April 24, Sferra said it became aware of suspicious activity on its computer servers. The company then took immediate steps to secure the network, and then called in third-party forensic specialists, who then deployed countermeasures to contain the attack.
The Knauf Group ransomware attack took place on June 29, 2022. The incident resulted in emails as well product-ordering software being taken offline, the company said in a series of updates for customers.
As ever, the extent of the compromise was hard to ascertain from the outside, with systems being rapidly shut down in the wake of the attack in a bid to contain its impact: “Many of our systems and email communication are fully functional again, other areas are currently being restarted” it said on July 20, but was still directing customers to rapidly spun up alternative PDF forms for product orders as The Stack published on July 20.
The incident could not have come at a worse time for a construction industry already embattled by supply chain issues and rampant inflation in the wake of the pandemic, which caused raw material shortages for a huge range of construction materials – plasterboard prices were reported as set to soar up to 25% in July '22.
March 25, 2021: REvil Ransomware Shut Down Multiple Plants at Asteelflash
Asteelflash, a leading French electronics manufacturing services company, has suffered a cyberattack by the REvil ransomware gang who is demanding a $24 million ransom. While Asteelflash has not publicly disclosed an attack, BleepingComputer found this week a sample of the REvil ransomware that allowed access to the Tor negotiation page for their cyberattack. LeMagIT, a French cybersecurity news portal, reported an Asteelflash representative stated that "the incident is being evaluated." Neither BleepingComputer nor LeMagIT could confirm whether the attack was successful in encrypting files on affected systems.
The company's press release states: "Asteelflash has detected a cyber security incident during a routine check by its IT teams. We immediately took action to contain the REvil-type ransomware and limit its spread. We have not been in touch with the Hackers" There are no details about the company's intentions regarding the ransom.
March 11, 2022: Parker-Hannifin Hit in Breach
Parker-Hannifin Corporation suffered a data breach March 14, which forced the company to shut down some of its systems while some employees’ personally identifiable information ended up purloined.
Upon learning of this incident, Parker said its IT team immediately activated its incident response protocols, which included shutting down certain systems. Parker then launched an investigation with the assistance of a forensic investigation firm and other third-party cyber security and incident response professionals.
Parker, one of the largest companies in the world in motion control technologies, said it is working with law enforcement authorities. A security researcher called BlackFog said the Conti ransomware group, which has Russian ties, claimed responsibility for the attack back in April.