JVCKenwood, a multi-business equipment manufacturer, has been infected with Conti Ransomware. According to reports, servers belonging to a portion of JVCKenwood’s sales companies in Europe were breached on September 22nd. At the time of discovery, it was unknown if customer data had been accessed. A representative at JVCKenwood stated, “Currently, a detailed investigation is being conducted by the specialized agency outside the company in collaboration with the relevant authorities. No customer data leak has been confirmed at this time. The details will be announced on the company website as soon as they become available.” Speculation turned into confirmation when threat actors shared a sample of data that they claim belongs to an employee of JVCKenwood. In a negotiation chat, it was made clear that the group is in possession of around 1.5 TB of data, and they are asking $7 million USD for the decryption key and to not publish the data. No comment has been made again by the JVCKenwood team.
By Anthony Zampino Introduction Leading up to the most recent Russian invasion of Ukraine in