Yamaha and WellLife Community verify cyber incidents after ransomware gang claims assaults

Japanese producer Yamaha Motor and the healthcare group WellLife Community have confirmed cyberattacks after being added to the leak web site of a ransomware gang this week.

Yamaha Motor printed a discover on Thursday confirming {that a} server managed by its motorbike manufacturing and gross sales subsidiary within the Philippines had been hit with a ransomware assault found on October 25.

The assault leaked the non-public data of workers however the firm famous that it’ll take extra time earlier than it understands the total extent of the injury.

The incident was reported to Philippine authorities on October 27 and on Thursday, the corporate confirmed that worker data was leaked.

“At current, servers and techniques at YMPH not compromised by this assault have been restored. The assault was restricted to one of many servers managed by YMPH and now we have confirmed that it has not affected the headquarters or another corporations within the Yamaha Motor group,” the corporate mentioned in a press release.

“Nonetheless, we’ll proceed to carefully monitor the state of affairs whereas persevering with our work to totally restore the techniques at YMPH broken by the assault as rapidly as attainable.”

Yamaha Motor didn’t say which ransomware group attacked them however the INC ransomware gang posted the corporate to its leak web site on Wednesday.

Based on researchers at SentinelOne, the ransomware group emerged in July. Like a number of different extortion gangs, the group has been seen exploiting CVE-2023-3519 — a vulnerability affecting merchandise from Citrix that has been a part of a “large-scale exploitation marketing campaign,” in accordance with the Dutch Institute of Vulnerability Disclosure and cybersecurity agency Fox-IT.

SentinelOne famous that it has seen the group goal a number of industries together with schooling, authorities and healthcare.

On Friday, the group added WellLife Network to its record of victims. With an annual working funds of $100 million, the group gives a spread of providers to individuals with mental or developmental disabilities in addition to these with psychological sickness.

On November 6, the group posted a discover informing sufferers and workers that their IT crew found a cyberattack in early September.

“The investigation is ongoing presently. Nonetheless, as of this writing, the investigation has decided that between August 26, 2023 and September 7, 2023, an unauthorized actor gained entry to sure WellLife techniques and should have considered or taken sure data contained therein,” they mentioned.

The data stolen consists of names, dates of beginning, demographic data, and different private or well being data.

They’re nonetheless investigating the incident and plan to contact these affected, in addition to state regulators. They didn’t reply to requests for remark about how many individuals had been affected however in paperwork filed with the U.S. Division of Well being and Human Companies’ Workplace for Civil Rights, they mentioned 501 individuals had been impacted.