Japanese watchmaker Seiko has been added to ALPHV (BlackCat) ransomware group’s victim list, following a data breach occurring in early August.
The Seiko data breach
The company published a data breach and response notice on August 10, 2023, stating that an unidentified party gained unauthorized access to at least one of their servers.
On August 2, Seiko hired a team of external cybersecurity experts to investigate the data breach.
“As a result, we are now reasonably certain that there was a breach and that some information stored by our Company and/or our Group companies may have been compromised,” the company noted.
With the investigation still ongoing, the company is working to prevent additional damage and has urged customers and business partners to contact them if they receive unsolicited emails or notifications.
“If you do happen to receive any such questionable communications, please take extreme precautions to prevent your own systems from harm. Tell your staff to refrain from opening such mails if possible or, if they were opened by mistake, to avoid accessing any included links,” the company added.
On August 21, ALPHV/BlackCat claimed the Seiko data breach by publishing data samples stolen during the attack on their leak site.
ALPHV/BlackCat RaaS group is very active
Microsoft has recently discovered a new version of the BlackCat ransomware leveraged by the group’s affiliates in their latest campaigns.
“This version includes the open-source communication framework tool Impacket, which threat actors use to facilitate lateral movement in target environments,” Microsoft Threat Intelligence researchers explained.
“The Impacket tool has credential dumping and remote service execution modules that could be used for broad deployment of the BlackCat ransomware in target environments.”