(29/07/23) Blog 210 – Yamaha hit by cyber attack
Yamaha Canada Music Ltd, a division of Yamaha Corporation – famous for musical instruments and audio equipment – has announced that it has been the target of a cyber attack.
A statement issued on the 20th July said that “Yamaha Canada Music Ltd. recently encountered a cyber attack that led to unauthorized access and data theft”.
It is unknown at this time what data has been seized by the attackers, however Yamaha Canada has already taken steps to contact affected individuals and are offering credit monitoring services to those at risk. As such it can be assumed that PII data has been accessed which would include names, addresses, email addresses, and banking data.
Double hit?
In a strange turn of events, back in June, Yamaha appeared on the list of victims posted on the dark web site for the hacking group Black Byte, but on the 21st July they appeared on the leak site of the Akira ransomware gang.
It is not known if this is due to two separate attacks, or that the same data has been posted by an affiliate attacker to two different ransomware gangs in an attempt to pressure Yamaha to pay up.
Although a rare occurrence, it is not the first time a victim has had data leaked to two or more ransomware sites.
Who are BlackByte and Akira?
BlackByte are a gang who first appeared in 2021 but had a poorly coded decrypter tool. The tool was quickly reverse engineered and a free decrypter was released to help victims recover their data.
This led to BlackByte producing a better coded variant of their decrypter which has allowed them to ransome many victims sucesfully.
Akira is a new ransomware gang, having been first seen in March 2023, but have already accrued a list of high-profile victims including The Development Bank of Southern Africa, The city of Nassau Bay in Texas, Bluefield University in Virginia, and LCG – (a Forex trader based in London)
LCG is a recent victim and their company website is still showing a message to customers about how to gain access to their accounts.
