JVCKenwood suffered a Conti ransomware attack in which threat actors claim they stole 1.7 TB of data and demand a $ 7 million ransom.
JVCKenwood is a Japan-based electronics multinational that employs 16,956 people and has 2021 sales of $ 2.45 billion. The company is known for its JVC, Kenwood and Victor brands, which manufacture car and home audio equipment, radio and healthcare equipment, professional and vehicle cameras, and portable power plants.
Yesterday, JVCKenwood revealed that the servers belonging to its sales companies in Europe were hacked on September 22 and that the threat actors may have had access to the data during the attack.
“JVCKENWOOD detected unauthorized access on September 22, 2021, to servers managed by some of the JVCKENWOOD Group sales companies in Europe. The possibility of information leakage by a third party performing unauthorized access was identified”, JVCKENWOOD announced in a press release.
“The specialized agency external to the company is carrying out a detailed investigation in collaboration with the relevant authorities. At this time, no leaks of customer data have been confirmed. Details will be announced on the company’s website. As soon as possible. as available. ”
JVCKenwood hit by ransomware
Today, a source shared a ransom note for a CONTI ransomware sample used in the attack on JVCKenwood.
In a negotiation chat, the ransomware gang claims to have stolen 1.5 TB of files and demands $ 7 million not to publish the data and to provide a file decryptor.
As evidence of the data theft, the threat actors shared a PDF file indicating that it is a scanned passport of a JVCKenwood employee.
Since he provided evidence of the data theft, there has been no further contact from JVC representative Kenwood, indicating that the company likely will not pay a ransom.
Conti is a family of ransomware believed to be run by the TrickBot threat actor group and commonly installed after networks have been compromised by the TrickBot, BazarBackdoor, and Anchor Trojans.
The ransomware gang has been responsible for a wide range of attacks over the years, including high-profile attacks against the city of Tulsa, the Irish Health Service Executive (HSE), Advantech, and numerous healthcare organizations.
More recently, the Conti gang faced some controversy after a disgruntled affiliate leaked the ransomware attack operations manual, providing law enforcement agencies and investigators with information on their tactics.
Last week, a joint report between the FBI, CISA and NSA warned of the escalation of Conti ransomware attacks.
BleepingComputer has contacted JVCKenwood with questions regarding the attack but has not received a response at this time.
Catch up on more articles here
Follow us on Twitter here