Japanese manufacturing conglomerate YKK Group, the world’s largest manufacturer of zippers, has been hit with a cyberattack that reportedly affected its US operations.
YKK Group, which also makes industrial machinery and hardware, controls over 100 companies worldwide, employs over 44,000 people, and boasts a revenue exceeding $6 billion last year.
The company did not reveal the nature of the incident but said it was able to contain the attack before damage was done or data was stolen, Recorded Future News reported.
“The incident did not have a material impact on our operations or our ability to continue to serve our customers,” Jessica Kennett Cork, vice president of corporate communications at YKK Corporation of America told the news outlet, adding that there’s no evidence that any data or intellectual property was stolen.
However, on June 2, 2023, the notorious LockBit ransomware gang listed YKK as one of its victims on its dark web data leak site, indicating that the company might have been hacked.
LockBit is a ransom-as-a-service (RaaS) operation responsible for an estimated 40% of all ransomware infections worldwide. LockBit's high profile targets have in the past included tech manufacturer Foxconn, NHS vendor Advanced, IT giant Accenture, and German autoparts company Continental.
The LockBit ransomware gang has been observed exploiting known vulnerabilities in Fortra’s GoAnywhere MFT solution and installations of PaperCut to target healthcare.
In March, the US CISA and partners released a security advisory detailing the Indicators of Compromise (IoCs) and Tactics, techniques, and procedures (TTPs) associated with the LockBit 3.0 ransomware operation.
