Japanese electric motor manufacturer Nidec has confirmed that various types of business and internal documents were stolen in an August 2024 ransomware attack.
The incident, the company says, impacted its Vietnam-based subsidiary Nidek Precision (NPCV), and was discovered after the attackers contacted Nidec to demand a ransom payment.
Because the manufacturer did not comply with the extortion demands, the ransomware group published the documents and files allegedly stolen from NPCV on their Tor-based leak site.
The ransomware attack, Nidec says in an incident notice (in Japanese) on its website, was limited to NPCV’s network and was not followed by other intrusions.
According to the company, the threat actors stole a total of 50,694 files from NPCV, including internal documents related to green procurement, health and safety, policies, and transactions, as well as letters from business partners.
Nidec also noted that the intrusion likely occurred after the attackers obtained the credentials for an NPCV general domain account and used them to log in to the server and view files the account was authorized to access.
In response, Nidec and its subsidiaries conducted a thorough investigation, reviewed server access rights, and changed passwords. NPCV also suspended the use of the VPN application believed to have been used as part of the attack.
The company also said that the compromised information could not directly cause secondary economic damage and that it has no evidence that the stolen information has been used maliciously.
While Nidec did not name the threat actor that breached NPCV, both the 8base and Everest ransomware groups listed the company on their leak sites this summer, in July and August, respectively. Nidec’s incident notice suggests that Everest was behind the extortion attempt.
Headquartered in Kyoto, Japan, and with approximately 300 subsidiaries worldwide, Nidec manufactures and distributes electric motors used in hard disks, automobile and manufacturing equipment, and electronic appliances.
Related: Volkswagen Says IT Infrastructure Not Affected After Ransomware Gang Claims Data Theft
Related: Safety Equipment Giant Cadre Holdings Hit by Cyberattack
Related: Maryland Lawmaker: Officials Misled on Ransomware Attack
Related: Ransomware Gang Claims to Have Stolen Data From National Rifle Association
