Tech giant Nidec confirms a data breach following a ransomware attack

Nidec Corporation says the hackers behind a ransomware attack earlier this year stole data and exposed it on the dark web.

The Japanese tech giant says the threat actors tried to blackmail the company and decided to reveal the information after their demands were not met.

No files were encrypted in the attack and the incident is currently considered fully resolved. However, Nidec employees, contractors and partners should be aware that the leaked data could be used in more targeted phishing attacks.

Nidec Corporation is a leading global manufacturer of precision motors, automotive components, industrial parts, home appliance parts and robotic systems.

The company operates in 40 countries, employs 120,000 people and generates annual sales of more than $11 billion.

Nidec Precision violation

The cyberattack breached the Vietnam-based Nidec Precision division, which specializes in manufacturing optical, electronic and mechanical equipment for the photography industry.

According to the results of the ongoing internal investigation, the hackers obtained valid VPN account credentials from a Nidec employee and accessed a server containing confidential information.

The company closed the entry point and implemented additional security measures in accordance with the recommendations of external cybersecurity experts. Nidec employees are trained to minimize such risks.

The investigation also revealed that the attackers stole 50,694 files, including the following:

• Internal documents
• Letters from business partners
• Green procurement documents
• Occupational safety and health policies (company and supply chain, etc.)
• Business documents (orders, invoices, receipts)
• Contracts

Nidec said it would directly notify its business partners affected by the incident.

8BASE and Everest gangs report attacks

The 8BASE ransomware gang claimed to have carried out an attack on Nidec on June 18, claiming the data was stolen from the Japanese company’s systems on June 3, 2024.

8BASE claimed to have much of what Nidec confirmed in its investigation, as well as personal data and “a huge amount of confidential information.”

Nidec acknowledged a ransomware attack in July without naming the perpetrators, saying the affected department was Nidec Instruments.

On August 8, ransomware group Everest, known for obtaining stolen data from other cybercriminals to carry out new extortion attempts on victims, released data allegedly stolen from Nidec.

The company states in the latest announcement that the threat actors first made contact on August 5, suggesting that the communication came from the Everest ransomware gang.

Nidec has acknowledged that the data leaked on the dark web came from its systems, but has not provided any clarifications on the threat actors’ claims.

In any case, the company does not believe that the leaked data could be used to cause direct financial harm to it or its contractors, and it has not observed any unauthorized use of the information.

H/T: @H4ckManac