Japanese watchmaker Seiko Group has been hit with a ransomware attack, with the BlackCat/ALPHV ransomware group claiming responsibility for the hack.
Seiko disclosed the incident on August 10, 2023, describing it as a data breach that took place on June 28. The company said at the time that a third party gained access to at least one of its servers and stole some data. The watchmaker didn’t reveal what data may have been compromised.
Now, the BlackCat/ALPHV ransomware gang has taken credit for the breach, sharing screenshots of what appear to be internal documents, including watch blueprints and designs, sales reports, invoices, employee emails, employee personal data, contracts and audits
The BlackCat ransomware operation first debuted in November 2021 and since then has consistently been listed among the top ten most active ransomware groups. BlackCat was linked to now-defunct BlackMatter/DarkSide ransomware. In 2022, BlackCat affiliates were linked to the attempted extortion of entities globally across multiple sectors including education, government, and energy.
In March 2023, the BlackCat group stole sensitive data from data storage devices maker Western Digital and then mocked the company by leaking a series of screenshots of internal emails and video conferences indicating they still had access to WD’s systems while it was dealing with the hack.
More recently, Microsoft has spotted a new version of the BlackCat ransomware, which includes the open-source communication framework tool Impacket used to facilitate lateral movement in target environments.