Bridgestone Americas on Thursday confirms the company has suffered what it calls a “limited cyber incident” – ironically, on the same day luxury carmaker Jaguar Land Rover was breached by the publicity-hungry Scattered Spider-led trio of ransomware gangs.
-
Bridgestone Americas is hit by a “limited cyber incident,” though it claims customer data wasn’t compromised.
-
Experts say the attack shows hallmarks of ransomware, echoing similar disruptions at Jaguar Land Rover and other manufacturers.
-
Some reports claim operations at all facilities across North America have been affected.
"Bridgestone Americas continues to investigate a limited cyber incident impacting some of our manufacturing facilities," the company said in a limited statement.
“Our team responded quickly to contain the issue in accordance with our established protocols. While our forensic analysis is ongoing, we remain confident that we were able to quickly contain this incident,” the company stated.
Bridgestone believes none of “its customers' data or interfaces were compromised,” yet no other information was provided. There has been at least one report that all of the company's North American manufacturing facilities have been impacted.
"This attack has many of the hallmarks of a ransomware attack, although not confirmed,” said Paul Bischoff, Consumer Privacy Advocate at Comparitech.
Sunday’s attack “disrupted the company's manufacturing facilities, not just non-essential stuff like communications, sales, and payroll like we see with most attacks,” Bischoff said, adding that although Bridgestone claims it stopped the attack early, “it's best to assume the worst until the investigation is complete."
No group has claimed attack - yet
Although no hackers have come forward to claim the Bridgestone incident, Rebecca Moody, Head of Data Research at Comparitech, says, “It's likely we'll see a ransomware group claiming the attack in the coming weeks, especially if Bridgestone chooses not to pay the attackers' ransom demand.”
Moody’s predicted succession of events is precisely what Jaguar Land Rover (JLR) is facing right now as a Scattered Spider-led hacking collective – which includes the notorious Shiny Hunters and LAPSUS$ gangs – has taken claim for the JLR breach and is reportedly chomping at the bit for a ransom payment.
That attack also forced the high-end auto manufacturer to "proactively shut down its systems, causing severe disruptions to its retail and production activities," JRL announced earlier this week.
Founded in 1931 and headquartered in Nashville, Tennessee, Bridgestone Americas – also the parent company of Firestone, another US tire manufacturing giant – has 13 corporate offices across North and South America, including in Canada, Mexico, Brazil, Argentina, and Costa Rica, its website shows.
Bridgestone also boasts nearly three dozen manufacturing plants across the Americas, including two facilities in Aiken, South Carolina, and another in the city of Joliette, Quebec, both of which reported being impacted by the cyberattacks on Sunday – coincidentally, also the same day as the attack on JLR.
In Joilette, an internal memo was reportedly sent to the plant’s 1400 employees alerting them the facility's operations were suspended on Sunday, without any more information as to when operations would resume, the local news outlet MonJoilette said.
The Mayor of Joilette, who said he spoke directly with Bridgestone execs, told the Canadian media outlet that “the cyber incident is believed to have affected all factories in North America.”
Manufacturers on high alert
The new ransomware collective, branded as “scattered LAPSUS$ hunters,” is said to have breached JRL on Sunday, August 31st, taunting the auto manufacturer and posting purported samples of stolen sensitive files on its Telegram channel.
The Scattered Spider ransomware group, working with another gang known as DragonForce, has been blamed for a slew of major breaches this year, including the attack on Britain's Marks & Spencer and other UK retailers.
Now, the latest hacking trio is thought to be behind the recent spree of Salesforce supply chain attacks impacting over 700 companies worldwide, including in the last week alone, cybersecurity heavyweights Palo Alto Networks, Cloudflare, and Zscaler.
Citing Comparitech’s August ransomware roundup report, Moody says “manufacturers are facing an increasing number of ransomware attacks, and are a prime target for hackers due to the amount of disruption they can cause by encrypting systems.”
According to the report, ransomware attacks among the manufacturing sector jumped a whopping 57% from July to August alone.
Bischoff also noted that Bridgestone suffered a previous ransomware attack in 2022 by the now-degraded LockBit cartel, which would make this the second time the manufacturing behemoth has fallen victim to ransomware.
Cybernews has reached out to Bridgestone Americas for further clarification but has not heard back at the time of this report.
Your email address will not be published. Required fields are markedmarked