Seiko Attacked By BlackCat

Uploaded on 2023-09-01 in FREE TO VIEW, NEWS-News Analysis

The ransomware gang BlackCat has  claimed responsibility for a ransomware attack on Japanese  Seiko Group Corp on August 10th and has now published samples of stolen data files as proof of its attack. 

Seiko is a diverse electronics business, best known as one of the world's largest and most watchmakers. Seiko has 12,000 employees and an annual revenue of $1.6 billion.

The cyber criminals claim to have stolen 2 Tb worth of files, including employee information, production technology details, video and audio recordings of management meetings, emails, and copies of passports belonging to employees and foreign visitors.  

Now, the ransomware group has published screenshots to demonstrate that they have obtained contracts and other corporate documents, confidential technical documents, passport copies, and emails.

Seiko  has confirmed that on July 28th of this year, the Company suffered a possible data breach. It appears that some as-yet-unidentified party or parties gained unauthorised access to at least one of our servers. “Subsequently, on August 2nd, we commissioned a team of external cybersecurity experts to investigate and assess the situation... As a result, we are now reasonably certain that there was a breach and that some information stored by our Company and/or our Group companies may have been compromised." says Seiko.

Seiko and their working to verify the exact nature of the information that was stored on the impacted servers “Working closely with cyber security experts, we are now making every effort to prevent further damage and to ensure that our systems are secure against any similar recurrence." Seiko's customers and business partners are invited to make immediate contact if they receive any suspicious or unusual emails or notifications.

BlackCat has since claimed to be behind the attack on Seiko, posting samples of data that they claim to have stolen during the attack. BlackCat  criticised  Seiko's IT security and leaked what appear to be production plans, employee passport scans, new model release plans, and specialised lab test results. The hackers also leaked samples of what they claim are confidential technical schematics and Seiko watch designs as part of their extortion attempt.

Seiko is the latest victim of a sequence of large scale, damaging attacks on Japanese business and infrastructure this year, including a potential supply chain attack on customers of Fujitsu and the Port of Nagoya.  

SII:    Bleeping Computer:     Security Week:   Bank Info Security:  TEISS:   Silicon Angle:   

Image: Sergey Samin

You Might Also Read: 

ABB Struck By Black Basta Ransomware:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Hospital IoT & IoMT Cyber Security Risk
Empower Your DaaS Programs »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ForeScout Technologies

ForeScout Technologies

ForeScout delivers pervasive network security by allowing organisations to continuously monitor & mitigate security exposures & cyberattacks.

Cyber Technology Institute - De Montfort University

Cyber Technology Institute - De Montfort University

The Cyber Technology Institute provides training and high quality research and consultancy services in the fields of cyber security, software engineering and digital forensics.

Australian Information Security Association (AISA)

Australian Information Security Association (AISA)

AISA champions the development of a robust information security sector by building professional capacity and advancing the cyber security of the public, business and governments in Australia.

ASU Online - Information Technology Program

ASU Online - Information Technology Program

The Information Technology program at ASU Online provides you with the expertise to design, select, implement and administer computer-based information solutions.

Auth0

Auth0

Auth0 is a cloud service that provides a set of unified APIs and tools that instantly enables single sign-on and user management for any application, API or IoT device.

Datacom Systems

Datacom Systems

Datacom Systems is a leading manufacturer of network visibility solutions.

OpenText

OpenText

OpenText is a leader in Enterprise Information Management software and a portfolio of related solutions for Information Governance, Compliance, Information Security and Privacy.

Greenwave Systems

Greenwave Systems

Greenwave's AXON Platform enables IoT and M2M network service providers to address security, interoperability, flexibility and scalability from a single IoT platform.

Brighter AI

Brighter AI

Brighter AI empowers companies to use publicly-recorded camera data for analytics & AI while being compliant with increasing data privacy regulations worldwide.

spriteCloud

spriteCloud

spriteCloud is an independent software testing, test automation and cybersecurity services provider.

Isovalent

Isovalent

Isovalent deliver the most advanced Kubernetes networking & security capabilities to the most demanding of enterprise users.

Thistle Technologies

Thistle Technologies

Thistle Technologies is building tools that help connected device manufacturers build security resiliency into devices.

iON United

iON United

iON United is a full-service IT security solutions provider and one of the most trusted names in cybersecurity in Canada.

Prism Infosec

Prism Infosec

Prism Infosec is an award-winning independent cyber security consultancy, CREST STAR, NCSC CHECK member, CAA ASSURE audit provider and PCI Qualified Security Assessor.

Inflection Point Ventures (IPV)

Inflection Point Ventures (IPV)

Inflection Point Ventures (IPV) is a 6000+ members angel investing firm which supports new-age entrepreneurs by connecting them with a diverse group of investors.

Telesign

Telesign

Telesign connect, protect, and defend online experiences with sophisticated digital identity and programmable communications solutions.