"Yamaha Motor Confirms Data Breach Following Ransomware Attack"

Employees' personal information was recently stolen in a ransomware attack targeting a Philippines subsidiary of Yamaha Motor.  The incident, the Japanese mobility and industrial giant says, occurred on October 25 and only impacted one server managed by Yamaha Motor Philippines, the company's motorcycle manufacturing and sales subsidiary in the country.  The company noted that the server was accessed without authorization by a third party and hit by a ransomware attack.  On November 16, the investigation revealed that some personal information stored by Yamaha Motor Philippines was compromised in the attack.  The company says it has restored all Yamaha Motor Philippines servers and systems that were not impacted in the attack.  The company noted that the incident did not affect the headquarters and other companies in the Yamaha Motor group.  While Yamaha did not name the ransomware group responsible for the attack, the INC Ransom gang has claimed responsibility for the incident.  Active since July 2023, the ransomware group appears opportunistic in nature, targeting organizations in various industries, typically by exploiting vulnerable internet-facing assets.  Last week, INC Ransom published on its leak site data allegedly stolen from Yamaha Motor Philippines, including identification documents, employee ID cards, and various internal documents.

SecurityWeek reports: "Yamaha Motor Confirms Data Breach Following Ransomware Attack"