View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

Kyocera AVX becomes LockBit ransomware gang’s latest victim?

The company's data appears to have been posted to the gang's blog following a breach of Fujitsu last year.

By Claudia Glover

Global electronics manufacturer Kyocera AVX has seen what appears to be its data posted to ransomware gang LockBit’s dark web victim blog. The company was among those to have suffered the knock-on effect of a breach at Japanese tech giant Fujitsu last year.

Global manufacturer Kyocera posted to LockBit dark web blog (Photo by viewimage/Shutterstock)

The deadline posted by the gang for an unspecified ransom to be paid is June 9. If the company does not cooperate with the cybercriminals before then, “all available data will be published”, according to the blog.

Kyocera AVX cyberattack: manufacturer posted to LockBit blog

Kyocera AVX produces electronic parts for clients in the military, industrial and automotive industries. Founded in the 1970s, it has been part of Kyocera, the Japanese electronics company best known for its printers, since 1990. It employs over 10,000 people around the world.

This morning security researchers flagged that the company’s details have been posted to the dark web victim blog of notorious ransomware gang LockBit. 

Kyocera AVX data was apparently compromised in a cyberattack on Fujitsu last year, and this may have enabled LockBit to carry out a supply chain attack, where it hits other companies that work with Fujitsu through phishing or other social engineering attacks.

According to the FT, Fujitsu admitted to being attacked in December after being informed by the police of an intrusion. The attack allowed outside access to emails set through a Fujitsu-based email system. 

Content from our partners
Rethinking cloud: challenging assumptions, learning lessons
DTX Manchester welcomes leading tech talent from across the region and beyond
The hidden complexities of deploying AI in your business

At least ten Japanese companies, along with Kyocera AVX, have confirmed they were affected by the attack.

Tech Monitor has contacted Kyocera AVX for comment on the claim by LockBit.

LockBit’s rampage against Russia’s enemies continues

LockBit is a prolific Russian ransomware gang which has made its name targeting organisations based in the US and allied countries.

It posted 126 victims to its blog in February alone, according to a report from security company Malwarebytes. 

This year the gang held the UK’s Royal Mail to ransom, demanding $80m in Bitcoin. The company did not pay up, calling the demands “ridiculous,” and the gang responded by posting the data, alongside copies of the negotiations between LockBit and Royal Mail’s representatives.

Later, it stole customer data from UK high street retailer WH Smith. The attack hit personal information of current and former employees. There has been no indication since of whether or not the company paid the ransom.

Last year the gang attacked the UK’s NHS , rendering operators of the 111 service with no option other that to work with pen and paper. The gang initially gained access to the NHS network via one of its suppliers, Advanced, and the breach then spread to care platforms StaffPlan and Caresys, as well as the services supplied to the NHS 111 team.

This month a man said to be involved in the gang, Mikhail Pavlovich Matveev, had a $10m bounty placed on his head by the FBI. Matveev is believed to be a key player in the Russian ransomware ecosystem who also has ties to the Hive and Babuk groups.

Read more: SpaceX contractor ‘hit by LockBit ransomware attack’

Topics in this article :
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.