1. Shimano, a cycle component manufacturing company, fell victim to a ransomware attack in which hackers managed to steal approximately 4.5 terabytes of sensitive business-related information. The incident is believed to be the work of the LockBit Ransomware gang and occurred on November 2, although it was not discovered until November 5 by the company’s IT staff. Some of the stolen data has been disclosed on a website called Ransomlook.io, with hackers threatening to release more if their demands are not met.
Initial reports suggest that the stolen data includes highly sensitive information such as social security numbers, passport scans, financial documents (including balance sheets and profit and loss reports), bank statements, tax forms, legal documents, NDAs, contracts, as well as diagrams and drawings of upcoming models. The LockBit hackers obtained this information through fraudulent means.**
2. The Allied Pilots Association (APA), a union representing more than 15,000 American Airlines employees, faced a ransomware attack that severely disrupted its digital systems on August 30 of this year. Fortunately, the impact was limited to the APA’s website, as the targeted data is stored separately from American Airlines’ servers. IT teams and security experts are working tirelessly to restore data from backups, and they are also collaborating with law enforcement agencies to ensure the removal of stolen data from the hackers’ servers without succumbing to ransom demands.
3. MR. Cooper, an insurance company based in Texas, recently suffered a cyber attack that temporarily halted its IT systems, including payment processing. The company promptly released a statement acknowledging the incident and stated that their IT teams are working around the clock to mitigate the risks.
Customers who were in the process of paying insurance premiums or accessing the company’s webpage for various purposes are advised to wait for further updates on the main webpage, as the company intends to extend the grace period due to the digital attack.
Cybersecurity Insiders has received information from its sources that the attack was a variant of ransomware. However, MR. Cooper is currently conducting an investigation and has promised to provide more details as soon as they become available.