RansomHub Claims Cyberattack on Kawasaki Motors Europe, Threatens to Leak Stolen Data

RansomHub has claimed responsibility for a cyberattack on Kawasaki Motors Europe (KME) and is threatening to leak stolen data. The attack, which occurred at the beginning of September 2024, targeted Kawasaki’s EU headquarters, prompting the company to temporarily isolate its servers as a precautionary measure. KME quickly initiated a strategic recovery plan to address the situation, involving the analysis and removal of any suspicious material such as malware from their systems.

RansomHub alleges that it has stolen 487 GB of data from Kawasaki’s networks and added the company to its extortion portal on the dark web on September 5, 2024. The ransomware group has set a timer and is threatening to publish all the stolen data if their demands are not met. Although it remains unclear whether the stolen data includes customer information, this possibility cannot be ruled out at this point​(BleepingComputer)​(NetmanageIT CTO Corner).

KME has been working with internal IT staff and external cybersecurity experts to clean and verify their systems. The company expects that by the start of the following week, 90% of its server infrastructure will be restored, with no significant impact on business operations, including dealerships and third-party suppliers​(BleepingComputer)​(DSL Reports).

This attack by RansomHub highlights the ongoing threat posed by ransomware groups to major corporations, emphasizing the need for robust cybersecurity measures to protect sensitive data and maintain operational integrity.