Shimano, the market-leading cycling component manufacturer, has been the subject of a ransomware attack that has affected 4.5 terabytes of important company data.
The Japanese manufacturing has apparently been targeted by ransomware organization LockBit, who are threatening to expose the data on November 5, 2023, at 18:34:13 UTC, according to a post on X (previously Twitter) by technology security company Falcon Feeds.
The attack, first reported by Escape Collective, is also recorded on the Ransom-db website's Live Ransomware Updates, with Shimano.com listed as a victim of LockBit 3.0 and the date November 2, 2023, as the attack date.
The whole ransom note is also available on Ransomlook.io, which is known as an open-source initiative intended to support users in tracking ransomware-related posts and actions across numerous sites, forums, and Telegram groups.
The gang breached highly sensitive data
- Identification, social security numbers, residences, and passport scans of employees
- Balance sheets, profit and loss statements, bank statements, and numerous tax forms and reports are examples of financial papers.
- Addresses, internal documents, postal exchanges, confidential reports, legal documents, and factory inspection findings are examples of client data.
- Non-disclosure agreements, contracts, confidential designs and drawings, development materials, and laboratory testing are among the other documents.
LockBit is a cybercriminal group that employs malware to compromise critical company data and then tries to extort money in exchange for preventing its public publication.
Lockbit world's most active ransomware
According to the cyber-crime prevention firm Flashpoint, it is the world's most active ransomware organization, responsible for 27.93% of all known ransomware assaults in the year ending June 2023. It stated a total of 1,036 victims is more than double that of the second-placed organization known as BlackCat.
Other victims of the cyberattack
Shimano is the latest in a long line of high-profile LockBit victims. Trendmicro reports that the British postal service Royal Mail was attacked in January, virtually suspending its international export services. Dublin software firm Ion Group was targeted in February, while Taiwanese chipmaker TSMC was targeted in June with a US$70 million ransom demand.
Boeing, the world's largest aircraft manufacturer, is also being extorted by the organization.
A Shimano spokeswoman told Cyclingnews, "This is an internal matter at Shimano that is being investigated, but we cannot comment on anything at this time."
Aftermath of the attack
It is unclear what ransom, if any, has been sought by the organization at this time, but it is apparent that the revelation will be another significant blow in an already difficult period for the Japanese brand.
It just announced a global recall of 2.8 million road cranksets due to a long-standing bonding separation issue. As a result, a class-action lawsuit was filed in North America in the weeks that followed. According to its most recent quarterly report, overall sales of bicycle components declined by 24.8%, with operational profitability decreasing by nearly half.
