The market-leading cycling component manufacturer, Shimano, has been targeted by a ransomware attack, affecting 4.5 terabytes of sensitive company data.
Initially highlighted in a post on X (formerly Twitter) by technology security company Falcon Feeds, the Japanese manufacturer has reportedly been targeted by ransomware group LockBit, who are threatening to release the data on November 5, 2023, at 18:34:13 UTC.
First reported by Escape Collective, the attack is also listed on the Live Ransomware Updates of the Ransom-db website, showing Shimano.com as a victim of LockBit 3.0, with the date November 2, 2023 as the attack date.
It is also listed on Ransomlook.io – described as an open-source project aimed at assisting users in tracking ransomware-related posts and activities across various sites, forums, and Telegram channels – in which the full ransom notice can be seen.
The notice claims that the group has breached highly sensitive data, including:
- Employee information, including identification, social security numbers, addresses and passport scans
- Financial documents, including balance sheets, profit and loss reports, bank statements, various tax forms and reports
- Client data, including addresses, internal documents, mail correspondence, confidential reports, legal documents and factory inspection results
- Other documents, including non-disclosure agreements, contracts, confidential diagrams and drawings, development materials and laboratory tests
The attacker, LockBit, is a cybercrime group that uses malware to breach sensitive company data and then attempts to extort money in exchange for avoiding its public release.
Cyber-crime protection company Flashpoint describes it as the world’s ‘most active’ ransomware group, saying it is responsible for 27.93% of all known ransomware attacks in the 12 months to June 2023. Its reported total of 1,036 victims is more than double that of the group known as BlackCat in second place.
Shimano is just the latest in a string of high-profile victims of the LockBit group. According to Trendmicro, the British postal service Royal Mail was hit by an attack in January, effectively halting its international export services. Dublin software company Ion Group was hit in February, and Taiwanese chipmaker TSMC faced a ransom of US$70 million in June.
Aeroplane manufacturing giant Boeing is also currently being…