Menu
On May 14th, 2021, European subsidiaries of the Toshiba Tec Group companies experienced a ransomware attack from the DarkSide ransomware group. After discovering the attack, the Toshiba Tec Group immediately shut down the networks and systems operating between Japan and Europe and its other subsidiaries in the hope of preventing the spread of the ransomware while deploying recovery measures after their data backup had been completed.
Toshiba Tec Group also started an investigation with an external specialised forensics organization. According to the investigation, the impact of the attack had been limited to Europe and that no customer related information had been leaked but Toshiba Tec Group did state that it is possible that some information and data, which not related to any customers, may have been leaked by the DarkSide ransomware group.
Toshiba Tec Group did not name the ransomware or the group DarkSide involved in the attack but there are screenshots of a post from DarkSide leak website which stated more than 740 gigabytes of information was compromised and included passports and other personal information from Toshiba Tec Group.
NCSC Threat Reports Feed© 2021 CyberEnsō – Nihon Cyber Defence Co., Ltd. All Rights Reserved.
