2 min read

Following claims by two ransomware groups, Yamaha confirms the cyberattack


July 26, 2023

Promo Protect all your devices, without slowing them down.
Free 30-day trial
Following claims by two ransomware groups, Yamaha confirms the cyberattack

Yamaha Corporation, the world's largest producer of musical equipment, has confirmed that has suffered a "cybersecurity incident" during which hackers gained unauthorised access to its systems, and stole data.

In a brief statement on the Yamaha Canada website, the maker of musical instruments and audio equipment - which is separate from the spun-off motorcycle division - said its IT team was working with external specialists to "prevent significant damage or malware infiltration" into its network.

Although it doesn't specifically refer to its "cybersecurity incident" being ransomware-related, I don't think anyone would be surprised if they learnt that extortionists were now either demanding a ransom be paid for a decryption key to unlock garbled data, or for the non-release of stolen data, or both.

Indeed, the ransomware theory gains even more credibility when it's realised that Yamaha was listed on the leak website of the Russian-speaking BlackByte ransomware gang last month, and again last week on the Akira group's site on the dark web.

It's possible that whoever has hacked into Yamaha's network is operating as an affiliate of both the Akira and BlackByte ransomware operations - and as both groups list their victims on their leak sites, in all likelihood Yamaha will find itself even more in the spotlight by appearing to be a victim of multiple ransomware gangs.

Last week it was revealed that cosmetics firm Estée Lauder had suffered a similar fate, at the hands of two different ransomware gangs - albeit seemingly as the result of two separate attacks.

Yamaha says that it is contacting affected individuals to warn them about the data breach, and is offering credit monitoring services to those at risk of fraud.  In addition, the firm says that it is putting additional security measures in place to reinforce the defence of its network.

In October 2021, security researchers released a free decryption tool that can be used by BlackByte ransomware victims to decrypt and recover their files.  Unfortunately, the tool is unlikely to be of any help to Yamaha due to the ransomware's evolution in the meantime.




Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s.

View all posts

You might also like