The attack against Bombardier RecreationalProducts claimed by the RansomEXX ransomware group

On Monday 8th of August 2022, Bombardier Recreational Products (BRP), a Canadian maker of Ski-Doo snowmobiles, Sea-Doo jet skis, ATVs, motorcycles, watercraft, and Rotax engines confirmed that they were a target of a cyber attack which resulted in Bombardier Recreational Products taking immediate measures that suspended their operations temporarily.

On Monday 15th of August 2022, Bombardier Recreational Products provided an update stating that four manufacturing sites in Canada, Finland, the U.S., and Austria had resumed production, with the rest to follow suit by the end of that week. They also revealed the first results of its internal investigation, saying that the hackers breached its systems via a supply chain attack. Bombardier Recreational Products has promised to notify individuals or corporations directly if the ongoing investigation reveals a more widespread data breach.

“The Company confirms that the malware infiltration came through a third-party service provider. BRP believes that the impact of the cyberattack was limited to its internal systems,” – BRP statement.

On Tuesday 23rd of August, the RansomEXX ransomware gang claimed responsibility for the cyberattack against Bombardier Recreational Products by listing Bombardier Recreational Products on its leak site along with 29.9GB of files allegedly stolen from the firm. The samples provided on the onion site include non-disclosure agreements, passports and IDs, material supply agreements, contract renewals, and more. It appears that the data breach doesn’t include sensitive customer data. In response to the leaked documents, Bombardier Recreational Products have issued a statement confirming that the leaked documents are authentic.