JVC Kenwood reports intrusion into European servers
JVC Kenwood reports a break-in on servers of sales companies of the JVC Kenwood Group in Europe. Data may have been stolen. There are indications that it is ransomware and 1.5TB of data has been piped away.
According to JVC Kenwood, it was discovered on September 22 that criminals had gained access to servers run by sales companies of the Japanese multinational. An investigation is underway by a security company in conjunction with the authorities, but JVC Kenwood has not disclosed more details.
A source from Bleeping Computer claims that the servers were affected by Conti ransomware and 1.5TB of data was stolen. The criminals are said to demand a ransom of $7 million. If JVC Kenwood did not respond, the company would not receive the decryptor and the ransomware group would publish the stolen data. As proof, they allegedly provided a PDF file containing a scanned passport of a JVC Kenwood employee.
The FBI, Cybersecurity & Infrastructure Security Agency and NSA warned last week of increased attacks with the Conti ransomware. The Antwerp managed service provider ITxx, among others, was the victim of a Conti attack last year.