The DarkSide ransomware group, known for the attack against Colonial Pipeline, has a new victim – a subsidiary of Japanese tech company Toshiba. The company has admitted to being a victim of a security breach caused by the DarkSide ransomware.
It is noteworthy that Colonial Pipeline paid a ransom in the amount of $5 million to the DarkSide ransomware collective. However, the tool was so slow that Colonial Pipeline had to use its own backups to help restore the system.
DarkSide Ransomware’s Latest Victim: Toshiba Tec Corporation
Toshiba Tec Corporation recently made a statement regarding the attack where it reveals some details. “According to the investigation, the extent of impact has been limited to some regions in Europe and we have not yet confirmed a fact that customer related information was leaked externally,” the statement says.
The company also took actions to stop the networks and systems operating between Japan and Europe, as well as those operating among European subsidiaries. These measures were taken to precent the spread of damage while deploying recovery measures after the completion of data backup.
In terms of the attack’s impact, the investigation reveals there’s a possibility that some information and data may have been leaked by the criminal group. Investigation is ongoing, “in cooperation with external specialized organization to grasp the details,” the statement adds.
The Triple Extortion Trend
Various cybercrime groups have been leaking enterprise data compromised in ransomware attacks. But a new trend has also emerged. Known as triple extortion, the new approach enables ransomware operators to demand ransom payments from the victim’s customers, partners, and other third parties related to the initial attack.
“Third-party victims, such as company clients, external colleagues and service providers, are heavily influenced, and damaged by data breaches caused by these ransomware attacks, even if their network resources are not targeted directly,” Check Point’s latest ransomware report recently revealed. Hopefully, the attack against Toshiba Tec Corporation won’t lead to further extortion against related companies.