Zipper manufacturer YKK Group allegedly breached by LockBit


YKK Group, the world’s largest manufacturer of zippers, was recently posted on the LockBit gang’s dark web blog. Criminals use the site to showcase their latest victims. YKK USA said there's no evidence attackers accessed any data.

Cybercriminals posted the company on their dark web blog on June 2nd, indicating that the YKK Group might have been breached. The post doesn’t reveal what type of data was exposed or which one of the many YKK Group-affiliated businesses could have been affected.

The only info given is that the data will be published in two weeks time. Ransomware gangs typically steal data, lock their victims’ systems, and threaten to leak the stolen data if the victims don’t meet the ransom demands.

ADVERTISEMENT

YKK told Cybernews that after discovering that attackers are targeting their network, YKK USA contained the threat before any significant damage could be done or sensitive information taken.

“The incident did not have a material impact on our operations or our ability to continue to serve our customers. There is no evidence that personal or financial information or intellectual property was compromised,” the company told Cybernews.

YKK Group
Post on LockBit's leak site. Image by Cybernews.

YKK Group is a Japanese manufacturing conglomerate best known for manufacturing zippers. However, the company also produces industrial machinery and hardware. YKK Group controls over 100 companies worldwide, employs over 44,000 people, and boasts a revenue exceeding $6 billion last year.

LockBit is widely regarded as the foremost of all ransom gangs, with over 1,700 victim organizations, according to ransomware monitoring platform Darkfeed. The US Department of Justice estimates its total haul of ransom payments as $75 million, but the true total may be considerably higher as LockBit continues to be prolific.

LockBit has been linked with other prominent Russia-affiliated ransomware cartels, such as Conti and its successor Black Basta. Connections have also been made with DarkSide and its descendants BlackMatter and BlackCat/ALPHV.

While there’s little doubt that LockBit’s leader, nicknamed LockBitSupp, resides in Russia, he is believed to employ some Bondian techniques to evade detection.

For example, he has said he uses SpaceX’s Starlink internet connection to make it more difficult to track him down should the authorities ever identify his point of network access.

ADVERTISEMENT

Updated [June 5, 2:00 PM GMT] the article with the company's comment.