Japanese watchmaker Seiko has fallen victim to a cyberattack orchestrated by the BlackCat/ALPHV ransomware gang, as the group adds Seiko to their roster of targeted companies on their extortion site.
Seiko, a globally recognized and historic watchmaker with over 12,000 employees and an annual revenue exceeding $1.6 billion, disclosed the breach on August 10, 2023. The unauthorized breach granted access to a part of Seiko’s IT infrastructure, potentially compromising data stored by the company and its subsidiaries.
The cyberattack took a distressing turn as the BlackCat ransomware group claimed responsibility for the breach, flaunting samples of stolen data. The exposed information includes production plans, employee passport scans, new model release strategies, specialized lab test results, and confidential technical schematics, including watch designs. The implications of the leaked technical drawings suggest that Seiko’s proprietary technology could be exposed to competitors and imitators.
BlackCat, a prominent ransomware gang with a reputation for sophisticated tactics, has not only revealed its role in the attack but also displayed a mockery of Seiko’s IT security measures. The group’s evolving extortion tactics, such as using dedicated clearweb leak sites and creating data leak APIs, exemplify their adaptability and threat to enterprises.
A subsequent update from researchers indicated that an initial access broker (IAB) had sold access to a Japanese manufacturing company, potentially linked to Seiko’s breach, raising concerns about broader security vulnerabilities within the industry.
While Seiko has not yet provided a response to the claims made by the threat actors, the incident highlights the growing risks faced by esteemed companies like Seiko in an increasingly hostile cybersecurity landscape.
