How did hackers get into the networks of both companies and what data did they manage to steal?
Japanese motorcycle manufacturer Yamaha Motor and the American medical organization WellLife Network confirmed the facts of a cyber attack on their networks after the companies ' data was published on the site of leaks by one of the hacker groups using extortionate software.
Yamaha Motor announced on November 16 that a server operated by its motorcycle manufacturing and sales subsidiary in the Philippines was attacked by a ransomware program late last month. As a result of the attack, employees ' personal information was exposed.
The company noted that it will take more time to assess the full extent of the damage. The incident was reported to the Philippine authorities on October 27, and last Thursday the company confirmed the leak of employee data.
In a statement, Yamaha Motor said that the attack affected literally one of the company's servers and did not affect the central office or other companies of the Yamaha Motor group. However, technical specialists are carefully monitoring the situation, showing increased vigilance.
A group of hackers INC, who used a ransomware program, posted information about Yamaha Motor on their leak site on Wednesday, November 15. According to SentinelOne researchers, the group appeared only in July and mainly exploited the vulnerability CVE-2023-3519 in Citrix products.
Meanwhile, WellLife Network, a company with an annual budget of $ 100 million that provides a wide range of services to people with intellectual disabilities and mental illnesses, was added to the list of victims of INC a little later, on Friday, November 17. Although the company itself publicly reported the incident on November 6. At the same time, the attack itself occurred in late August.
As a result of the attack on WellLife, names, dates of birth, demographic information, as well as other personal or medical data of customers could be stolen. An investigation is currently underway. In documents filed with the Office of Civil Rights of the US Department of Health and Human Services, it is reported that the attack violated the privacy of more than 500 people.
Both incidents demonstrate the vulnerability to hacker activity of even large companies and emphasize the need to ensure comprehensive security using advanced security tools in order not to become another victim of clever intruders.
Japanese motorcycle manufacturer Yamaha Motor and the American medical organization WellLife Network confirmed the facts of a cyber attack on their networks after the companies ' data was published on the site of leaks by one of the hacker groups using extortionate software.
Yamaha Motor announced on November 16 that a server operated by its motorcycle manufacturing and sales subsidiary in the Philippines was attacked by a ransomware program late last month. As a result of the attack, employees ' personal information was exposed.
The company noted that it will take more time to assess the full extent of the damage. The incident was reported to the Philippine authorities on October 27, and last Thursday the company confirmed the leak of employee data.
In a statement, Yamaha Motor said that the attack affected literally one of the company's servers and did not affect the central office or other companies of the Yamaha Motor group. However, technical specialists are carefully monitoring the situation, showing increased vigilance.
A group of hackers INC, who used a ransomware program, posted information about Yamaha Motor on their leak site on Wednesday, November 15. According to SentinelOne researchers, the group appeared only in July and mainly exploited the vulnerability CVE-2023-3519 in Citrix products.
Meanwhile, WellLife Network, a company with an annual budget of $ 100 million that provides a wide range of services to people with intellectual disabilities and mental illnesses, was added to the list of victims of INC a little later, on Friday, November 17. Although the company itself publicly reported the incident on November 6. At the same time, the attack itself occurred in late August.
As a result of the attack on WellLife, names, dates of birth, demographic information, as well as other personal or medical data of customers could be stolen. An investigation is currently underway. In documents filed with the Office of Civil Rights of the US Department of Health and Human Services, it is reported that the attack violated the privacy of more than 500 people.
Both incidents demonstrate the vulnerability to hacker activity of even large companies and emphasize the need to ensure comprehensive security using advanced security tools in order not to become another victim of clever intruders.
