Japanese automaker Yamaha Motor and healthcare organization WellLife Network have confirmed cyberattacks after being added to a ransomware gang’s leak site this week.
Yamaha Motor issued a notice on Thursday confirming that a server run by its motorcycle manufacturing and sales subsidiary in the Philippines was hit by a ransomware attack discovered on October 25.
The attack exposed employees’ personal information, but the company noted that it will take more time to understand the full extent of the damage.
The incident was reported to Philippine authorities on October 27, and on Thursday the company confirmed that employee information had been leaked.
“At this time, YMPH servers and systems not compromised by this attack have been restored. The attack was limited to one of the servers managed by YMPH and we have confirmed that it did not affect the head office or any other company in the Yamaha Motor group,” the company said. said in a statement.
“However, we will continue to closely monitor the situation as we continue our work to fully restore YMPH systems damaged by the attack as quickly as possible.”
Yamaha Motor did not specify which ransomware group attacked it, but the INC ransomware gang. job the company visited the leak site on Wednesday.
According to researchers at SentinelOne, the ransomware group emerged in July. Like several other extortion gangs, the group was seen exploiting CVE-2023-3519 — a vulnerability affecting Citrix products that has been detected. as part of a “large-scale exploitation campaign” according to the Dutch Vulnerability Disclosure Institute and cybersecurity company Fox-IT.
SentinelOne said it has seen the group target several sectors, including education, government and healthcare.
Friday, the group added the WellLife network to his list of victims. With an annual operating budget of $100 million, the organization offers a range of services to people with intellectual or developmental disabilities as well as those suffering from mental illness.
On November 6, the organization posted a review notify patients and employees that their IT team discovered a cyberattack in early September.
“The investigation is ongoing at this time. However, as of this writing, the investigation has determined that between August 26, 2023 and September 7, 2023, an unauthorized actor accessed certain WellLife systems and may have viewed or taken certain information contained therein. “, they said.
Stolen information includes names, dates of birth, demographic information, and other personal or health information.
They are still investigating the incident and plan to contact those affected, as well as state regulators. They did not respond to requests for comment on how many people were affected, but in documents filed with the U.S. Department of Health and Human Services’ Office for Civil Rights, they said 501 people were affected.
Future saved
Intelligence cloud.
No previous articles
No new articles
Jonathan Greig
Jonathan Greig is a breaking news reporter at Recorded Future News. Jonathan has worked as a journalist around the world since 2014. Before returning to New York, he worked for media outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.