The LockBit ransomware gang has added Shimano to its extortion site on the dark web, claiming an attack against the Japanese firm.
Shimano is a multinational cycling components, fishing, and rowing equipment manufacturer with an annual revenue of over $4 billion, 13,000 employees, and a global bike component market share of 50% (70% on the high-end market). Shimano is widely regarded as a pioneer in bicycle technology, having introduced and popularized indexed shifting, integrated levers, hollow tech cranksets, digital electronic shifting, and many more innovations.
Today, LockBit 3.0, a notorious ransomware-as-a-service (RaaS) operation which is among the most active in the field since last year, added Shimano on its dark web portal where victims are “named and shamed,” and threats to leak stolen data are delivered.
The attackers claim that they have stolen a whopping 4.5 TB of data from Shimano’s networks, including the following data:
- Employee information: ID, NRIC, IC No., TIN Number, SSS Number, email, telephone number, residential address, passport scans, and contracts marked as “confidential.”
- Financial documents: balance sheets, budgets, profit and loss (PL) reports, expense reports, bank statements, accounts payable and receivable reports, various tax forms and reports, audits, and cash flow statements.
- Client database: address, phone number, person responsible
- Other documents: reports, presentations, analytics, internal communication, meeting minutes, development updates, confidential reports, sales data, legal documents, factory inspection results, project details, production reports, machine information, committee findings, and incident reports.
- Confidential material: Non-Disclosure Agreements (NDAs), contracts, agreements, diagrams/drawings marked as “confidential,” development materials, laboratory tests, and Corrective Action Reports.
The above information would be highly exposing for Shimano and its clients, also containing information about patented technology that could help competitors in the field get up to speed with the Japanese market leader. It is crucial to underline that LockBit has not posted any samples of the stolen data yet, so there’s nothing to back up the claims.
The deadline for leaking the files stolen from Shimano was set to November 05, 18:34 UTC, in approximately 48 hours.
RestorePrivacy has contacted Shimano with a request for a comment on the above, and we will update this post once we hear back.