- Trump taps Sriram Krishnan for AI advisor role amid strategic shift in tech policy
- Interpol Identifies Over 140 Human Traffickers in New Initiative
- 5 network automation startups to watch
- 4 Security Controls Keeping Up with the Evolution of IT Environments
- ICO Warns of Festive Mobile Phone Privacy Snafu
50,000 Files Exposed in Nidec Ransomware Attack
A ransomware attack in August 2024 has led to the theft of more than 50,000 business and internal documents from Nidec’s Vietnam-based subsidiary, Nidec Precision (NPCV), the company has confirmed. The attackers leaked the files online after Nidec refused to meet their ransom demands.
In a security notice (in Japanese) published last week, Nidec reported that the stolen data included sensitive internal documents, such as green procurement policies, health and safety guidelines and business correspondence.
The company first became aware of the attack when the cyber-criminals reached out, demanding payment in exchange for not releasing the stolen files. After Nidec declined, the documents were posted on a dark web leak site operated by the Everest ransomware group.
The breach primarily affected NPCV, which manufactures precision optical and mechanical equipment. The attackers likely gained access to the company’s network using credentials for a general domain account. This allowed them to access files the account had permission to view.
Nidec has since disabled the VPN application believed to have been used in the breach and implemented stricter security measures.
Information Stolen in the Attack
The stolen data included:
-
Internal business documents
-
Green procurement guidelines
-
Health and safety policies
-
Business transactions like purchase orders and invoices
-
Letters from business partners
Nidec assured stakeholders that the compromised data is not expected to result in significant financial harm, and there is no evidence it has been misused.
In response to the breach, the company said it had conducted a thorough investigation, changed passwords and reviewed server access rights. It has also notified affected business partners.
While Nidec did not officially name the group responsible for the attack, both the 8base and Everest ransomware gangs had previously claimed credit for similar incidents involving Nidec on their leak sites earlier this year.
With headquarters in Kyoto, Japan, Nidec is a global leader in electric motor manufacturing, operating in 40 countries with around 300 subsidiaries.