Global electronics manufacturer Kyocera AVX has seen what appears to be its data posted to ransomware gang LockBit’s dark web victim blog. The company was among those to have suffered the knock-on effect of a breach at Japanese tech giant Fujitsu last year.
The deadline posted by the gang for an unspecified ransom to be paid is June 9. If the company does not cooperate with the cybercriminals before then, “all available data will be published”, according to the blog.
Kyocera AVX cyberattack: manufacturer posted to LockBit blog
Kyocera AVX produces electronic parts for clients in the military, industrial and automotive industries. Founded in the 1970s, it has been part of Kyocera, the Japanese electronics company best known for its printers, since 1990. It employs over 10,000 people around the world.
This morning security researchers flagged that the company’s details have been posted to the dark web victim blog of notorious ransomware gang LockBit.
Kyocera AVX data was apparently compromised in a cyberattack on Fujitsu last year, and this may have enabled LockBit to carry out a supply chain attack, where it hits other companies that work with Fujitsu through phishing or other social engineering attacks.
According to the FT, Fujitsu admitted to being attacked in December after being informed by the police of an intrusion. The attack allowed outside access to emails sent through a Fujitsu-based email system.
At least ten Japanese companies, along with Kyocera AVX, have confirmed they were affected by the attack.
Tech Monitor has contacted Kyocera AVX for comment on the claim by LockBit.
LockBit’s rampage against Russia’s enemies continues
LockBit is a prolific Russian ransomware gang which has made its name targeting organisations based in the US and allied countries.
It posted 126 victims to its blog in February alone, according to a report from security company Malwarebytes.
This year the gang held the UK’s Royal Mail to ransom, demanding $80m in Bitcoin. The company did not pay up, calling the demands “ridiculous,” and the gang responded by posting the data, alongside copies of the negotiations between LockBit and Royal Mail’s representatives.
Later, it stole customer data from UK high street retailer WH Smith. The attack hit personal information of current and former employees. There has been no indication since of whether or not the company paid the ransom.
Last year the gang attacked the UK’s NHS, leaving operators of the 111 service with no option other than to work with pen and paper. The gang initially gained access to the NHS network via one of its suppliers, Advanced, and the breach then spread to care platforms StaffPlan and Caresys, as well as the services supplied to the NHS 111 team.
This month a man said to be involved in the gang, Mikhail Pavlovich Matveev, had a $10m bounty placed on his head by the FBI. Matveev is believed to be a key player in the Russian ransomware ecosystem who also has ties to the Hive and Babuk groups.