50,000 files exposed in Nidec ransomware attack

A ransomware attack in August 2024 led to the theft of more than 50,000 business and internal documents from Nidec’s subsidiary in Vietnam, Nidec Precision (NPCV), the company has confirmed. The attackers leaked the files online after Nidec refused to meet their ransom demands.

In a security advisory (in Japanese) published last week, Nidec reported that the stolen data included sensitive internal documents such as green purchasing policies, health and safety guidelines and business correspondence.

The company first learned of the attack when cybercriminals reached out, demanding payment in exchange for not releasing the stolen files. After Nidec declined, the documents were posted on a dark web leak site run by the Everest ransomware group.

The breach mainly affected NPCV, which manufactures precision mechanical and optical equipment. The attackers likely gained access to the company’s network using credentials for a general domain account. This allowed them to access files that the account was allowed to see.

Nidec has since disabled the VPN app believed to have been used in the breach and implemented stricter security measures.

Information stolen in the attack

The stolen data included:

• Internal business documents

• Green purchasing guidelines

• Health and safety policies

• Business transactions such as purchase orders and invoices

• Letters from business partners

Read more about ransomware attacks and their impact: Ransomware attack lawsuits reach a staggering $5.2 billion by 2024

Nidec assured stakeholders that the compromised data is not expected to result in significant financial damage and that there is no evidence that it has been misused.

In response to the breach, the company said it had conducted a thorough investigation, changed passwords and reviewed server access rights. It has also notified affected business partners.

While Nidec did not officially name the group responsible for the attack, both the 8base and Everest ransomware gangs had previously claimed credit for similar incidents involving Nidec at their leak sites earlier this year.

Headquartered in Kyoto, Japan, Nidec is a world leader in the manufacture of electric motors, operating in 40 countries with around 300 subsidiaries.