The Canada branch of Panasonic has been hit by a cyber attack. Conti, a ransomware group, is responsible.
Panasonic Canada fell victim to a “targeted cyber attack” in February. That explains against a spokesman Tech Crunch⁇
“We took immediate action to resolve the issue with the help of security experts and service providers. We isolated the malware, restored the servers, rebuilt the applications and interacted with customers and authorities.
This is the second incident in six months. Late last year, a Japanese broadcaster revealed that cybercriminals had repeated access to Panasonic servers until 2021. In December Confident The electronics company discovered the leak. Cybercriminals can access the personal data of job applicants, employees and associates.
Ransomware Panasonic Canada
We know that the most recent attack revolves around malware, but beyond that, the details are limited. Although Panasonic has confirmed that the attack was carried out by cybercriminals, the organization has not identified any culprits.
Security analyst VX-Underground says the attack was carried out by the ransomware group Kandy. TechCrunch claims to have seen the leaked website. Malware groups use leaked websites to solicit attacks and leak data. Partial data breaches will cause the victim to pay the ransom.
Conti’s League website contains internal files, spreadsheets and documents from the HR and accounting departments. According to Conte, the files are coming from a data breach in Panasonic. The total boot will be 2.8 gigabytes.
TechCrunch asked Panasonic if this was a ransomware attack. Panasonic does not deny the possibility. The organization declined to clarify which data was stolen. When the organization came up with the details a month after the announcement was made, there was a response similar to the 2021 incident.
Last week, Kandy leaked customer data from eight Dutch housing associations. Housing associations disintegrated after a ransomware attack on their information technology service provider The Sourceing Company. The sourcing company has not yet recovered. Housing associations have said they do not want to pay the bribe.
Gandhi’s leaked website has been active since 2020. In mid-2021, the ransomware team made headlines in the Irish and New Zealand Scottish Environmental Protection Agency after a series of attacks on clothing brand Fade Face and Healthcare.
During the first attacks, the ransomware team used a variant of the encryption standard AES-256. For attacks on health facilities, Kandy used a new ransomware variant.
In 2022, after the Russian invasion of Ukraine, Gandhi expressed support for Russia. An anonymous security researcher responded 60,000 chat messages Kandy team members. The topics of chat messages vary. Members speak Russian, including support for Putin and anti-Semitism.
Tip: Ransomware is an APT, how do you run it
“Introvert. Communicator. Tv fanatic. Typical coffee advocate. Proud music maven. Infuriatingly humble student.”