DarkSide affiliates didn’t rest on laurels and claimed another victim. This time a Toshiba business unit has fallen victim to a DarkSide ransomware attack.
The news was broke on Friday when Toshiba Tec Corp reported a cyberattack on its European subsidiaries that has impacted some of its operations in Europe.
Toshiba Tec Corporation manufactures such products as barcode scanners, Point-of-Sale (PoS) systems, printers, and other electronic devices. The company’s French subsidiary has been hit the most.
Toshiba Tec says they immediately shut down networks between Japan, Europe, and its subsidiaries, implemented recovery protocols and data backups, and reported the incident to local authorities.
“After discovering the damage, the Toshiba Tec Group (“the group”) immediately reported to the authorities concerned in Europe. The group also took actions to stop the networks and systems operating between Japan and Europe as well as those operating among European subsidiaries with the aim of preventing the spread of damage.”
The company launched an investigation into the extent of the impact and invited a third-party cyber forensics expert to assist with it.
Toshiba’s unit said it does not have any indication that customer-related information had leaked; however, the company acknowledged “it is possible that some information and data may have been leaked by [a] criminal gang.”
The hackers claim to have stolen over 740GB of data from Toshiba. The unit said a “minimal amount of work data had been lost,” reports Reuters. Even so, DarkSide affiliates may employ a double-extortion tactic, though, at this time, their leak site is not accessible.
However, ZDNet claims to have seen a cached version of the leak post that showed Toshiba employees’ stolen passports, project documents, and business presentations.