TB Kawashima, part of the Japanese automotive component manufacturer Toyota Boshoku of the Toyota Group of companies, announced that one of its subsidiaries has been hit by a cyberattack.

The company did not confirm but there is reason to suspect that it is dealing with an attack from the LockBit ransomware group.

TB Kawashima is a manufacturer of interior fabrics for automobiles, airplanes, theaters, and trains, with offices and plants in the U.S., China, Thailand, Indonesia, and India.

Normal operations, site's down

On Thursday, TB Kawashima announced that one of its subsidiaries, a Thai sales company, had been breached, prompting immediate action that consisted in turning off devices that the attacker accessed.

The company informed that the production and sales activities of the Toyota Boshoku Group have not been impacted and all operations are running at normal parameters.

However, the company’s website is currently down.

Cybersecurity specialists have been called in to assess the damage and law enforcement has been notified about the intrusion.

LockBit leakes alleged TB Kawashima data

While there is no official information about the attack, the LockBit ransomware group claimed TB Kawashima was one of their recent victims on their data leak site.

While there is no official information about the attack, the LockBit ransomware group announced stated on June 17th that they had allegedly attacked TB Kawashima.

Today, the threat actors have begun to leak data that was allegedly stolen during the cyberattack.

LockBit leaked files allegedly stolen from TB Kawashima
source: BleepingComputer

The incident announced by TB Kawashima is the second one this week. A subsidiary of the Japanese car and motorcycle hose maker Nichirin was hit by a ransomware attack on June 14.

In March, DENSO was hit by the Pandora ransomware gang. The company is one of the largest suppliers of automotive components.

And in February, Toyota Motors suspended car production in 14 of its plants in Japan because one of its suppliers of plastic components suffered a cyberattack.

According to a report from cybersecurity company Rapid7 based on data disclosures investigated between April 2020 and February 2022, companies in the automotive and transportation industry are among the top three targets for ransomware actors.

Ransomware incidents per industry
Ransomware incidents per industry - source Rapid7

A few car making companies have been targeted in ransomware attacks over the years (Tesla, Honda, Nissan, Toyota), but their production could also be seriously impacted when suppliers go down.

Related Articles:

LockBit ransomware admin identified, sanctioned in US, UK, Australia

Lockbit's seized site comes alive to tease new police announcements

City of Wichita shuts down IT network after ransomware attack

REvil hacker behind Kaseya ransomware attack gets 13 years in prison

French hospital CHC-SV refuses to pay LockBit extortion demand