Nidec confirms company data was leaked online following a ransomware attack
22 Oct 2024
1 MIN read
In early 2024, Nidec Corporation, a Japanese multinational known for its electric motor technology, confirmed that data stolen during a cyberattack had been leaked on the dark web. The attack, which targeted its subsidiary Nidec Precision, did not involve ransomware or encryption of systems. Instead, the threat actor gained access to sensitive information by stealing valid VPN credentials from an employee and exploiting them to enter a server.
Nidec Precision, based in Vietnam, specializes in precision components for robotics, electronics, and industrial automation. The breach occurred in June 2024, leading to the theft of 50,694 files, which included internal documents, business contracts, procurement-related records, and safety policies. Although the ransomware group 8BASE initially claimed responsibility, another threat actor known as Everest later leaked the stolen data online. Everest, known for extortion, is believed to have taken over the extortion efforts when 8BASE’s demands went unmet. Despite these attacks, Nidec Corporation did not succumb to any ransom payments.