Many people have wondered what the YKK labeled zipper on their jeans and jackets really meant. Well, hackers sure knew what YKK stood for: lots of ransom money. Japanese zipper giant YKK confirmed that its US operations were targeted by hackers in recent weeks but said it was able to contain the threat before damage was caused.
The Tokyo-based corporation would not say if it was hit with ransomware, but a spokesperson reported that once YKK discovered that its US-based networks were targeted, the cybersecurity team “contained the threat before significant damage was done or sensitive information was exfiltrated.”
“The incident did not have a material impact on our operations or our ability to continue to serve our customers,” said the vice president of corporate communications at YKK Corporation of America.[1]
YKK has more than 44,000 employees across the world and an annual revenue of more than $6 billion. It is the world’s largest zipper manufacturer but also produces other fastening products, industrial machinery, plastic goods and more. “There is no evidence that personal or financial information or intellectual property was compromised. We take cybersecurity seriously and thank our stakeholders for their continued trust in YKK," she said.
The company did not respond to follow-up questions about the nature of the cyberattack and whether a ransom was issued. But on 2 June, the LockBit ransomware posted the company on its leak site, threatening to leak data stolen from YKK on 16 June.
lockbit-ykk.pngThe LockBit ransomware gang's posting
The criminal gang posted YKK alongside dozens of other organizations from around the globe. The group continues to be the most prolific ransomware operation in the world, more than doubling the number of attacks launched by its competitors.
In 2023 the group kept up its attacks, targeting everything from churches to bus companies, sheriff's offices and city governments. They most recently stole the personal information of nearly nine million people across the United States from Managed Care of North America, the largest dental insurer in the nation for government-sponsored Medicaid and Children’s Health Insurance Programs.
Last month, the US Department of Justice said LockBit first appeared around January 2020 and has been involved in over 1,400 attacks against victims in the US and elsewhere, “issuing over $100 million in ransom demands and receiving over $75 million in ransom payments.”
This article is presented at no charge for educational and informational purposes only.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. For questions, comments, or assistance, please get in touch with the office directly at 1-844-492-7225, or feedback@redskyalliance.com
Weekly Cyber Intelligence Briefings:
- Reporting: https://www.redskyalliance.org/
- Website: https://www.redskyalliance.com/
- LinkedIn: https://www.linkedin.com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
[1] https://therecord.media/ykk-zipper-manufacturer-cyberattack-us-operations/
Comments