Shulou(Shulou.com)11/24 Report--

Thanks to CTOnews.com netizen OC_Formula for the clue delivery! CTOnews.com, Aug. 23 (Xinhua)-- the BlackCat / ALPHV ransomware gang has added Japanese watchmaker Seiko Seiko to its blackmail website, claiming responsibility for the cyber attack that the company disclosed earlier this month.

Seiko Seiko is one of the largest and oldest watchmakers in the world, with about 12000 employees and annual revenues of more than $1.6 billion.

On August 10, 2023, Seiko issued a data disclosure notice that an unauthorized third party gained access to at least part of its IT infrastructure and accessed or stole data.

"it seems that on July 28, 2023, some unidentified groups obtained unauthorized access to at least one of our servers," Seiko's statement said. Then, on August 2, we commissioned a team of external network security experts to investigate and evaluate the situation. As a result, we can now reasonably determine that there are violations and that some of the information stored by our company and / or group companies may have been compromised. "

Seiko apologized to customers and business partners who might be affected and urged them to be wary of email or other communication attempts that might impersonate Seiko.

A few days ago, the BlackCat blackmail software group claimed it was behind the Seiko attack and released data samples they claimed to have stolen during the attack, bleepingcomputer reported.

BlackCat mocked Seiko's IT safety and leaked what it claimed to be production plans, employee passport scans, new product release plans and special laboratory test results. Most worryingly, the hackers claimed to have obtained Seiko's confidential technical schematics and samples of Seiko watch designs.

▲ Touyuan bleepingcomputer foreign media said that BlackCat is one of the most advanced and notorious blackmail software groups, taking the initiative to target enterprises to constantly evolve their extortion strategies. For example, the organization was the first to use a Clearweb website that specifically leaked data from specific victims, and it recently created a data disclosure API to make it easier to distribute stolen data.

Culated Intel researchers say an initial access agent (IAB) sold access to a Japanese manufacturing company on July 27, a day before Seiko said they were initially invaded. Although IAB did not disclose the name of the company they sold access to, they did say that the company was manufacturing and that it was "1.8B" based on Zoominfo's revenue, which exactly matched Seiko's Zoominfo page.

▲ diagram source Culated Intel

▲ Seiko's Zoominfo page shows that its income is also 1.8B. As of CTOnews.com 's post, Seiko has not responded to BlackCat's statement of blackmailing the software group.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.