Toshiba Tec France Imaging Systems has fallen victim to a ransomware attack. The company is a subsidiary of Toshiba that focuses on point-of-sale equipment and multifunction printers.
Reuters reports that the attack was carried out by DarkSide, the same group of hackers who were behind the recent attack on the American Colonial Pipeline. That attack shut down a crucial oil pipeline for several days, forcing the victim to transfer 5 million dollars to the hackers.
Minimal data loss
It is not known how much ransom Toshiba Tec is asking for the encrypted data. The company states in an announcement that only a minimal amount of work data was lost. Furthermore, relevant authorities have been notified, and network connections between Europe and Japan have been interrupted to prevent further spread of the ransomware. Meanwhile, Toshiba Tec is working on restoring backups.
As far as the company knows, no Toshiba Tec customer data was leaked in the attack, although the company does not rule out the possibility that the attackers stole information. The investigation into the extent of the attack is ongoing. Toshiba Tec pledges to further enhance its measures to protect the information of both its employees and customers.
DarkSide is an organisation that, according to American intelligence, is allied with Russia. The hackers speak Russian and avoid targets within the former Soviet Union. The organisation outsources the actual execution of the attacks to third parties to subsequently handle the negotiations on a deposit and the release of data itself. The organisation itself claims to have no political motives but just wants to make money.