Home Appliance Maker ‘Whirlpool’ Hit by Ransomware Actors

  • The Nefilim ransomware gang has compromised ‘Whirlpool’, and the first data samples are already out.
  • Whirlpool says the attack doesn’t significantly impact its operations and that customer data hasn’t been compromised.
  • Nefilim is not the most active ransomware actor out there, but when they hit, they pick big targets.

The Nefilim group of ransomware actors has had a successful breach into Whirlpool’s corporate network, stealing data from the home appliance giant and encrypting a large number of devices. The hackers are already leaking samples of the stolen data on the dedicated leak website, essentially raising the heat of extortion for the victim. The first documents that appeared there include medical information requests, employee background checks, benefit details, accommodation requests, and various other “secondary” files.

Source: BleepingComputer

According to a report by BleepingComputer claiming expert sources, the attack occurred in the first weekend of December, which is consistent with the time of the leaks. Whirlpool has since restored its systems fully, but they had to admit the ransomware incident now, and they did. In their statement, the firm claims that the detection and containment of the malware happened immediately, and so the production of goods wasn’t impacted at all. Moreover, they gave assurances that no customer information was exposed or compromised, so this affects only Whirlpool employees.

Whirlpool is a very lucrative target for hackers, being a Fortune 500 company employing over 92,000 people, and having an annual revenue figure of more than $21 billion. However, succeeding in delivering a notable blow in its production lines is very unlikely as the firm operates nine individual manufacturing facilities across the United States. This is why threat actors rely on data-stealing more than encrypting and locking.

Nefilim is not among the most active ransomware groups out there, but they are known for targeting the “big fishes” out there. In May 2020, Nefilim compromised the Toll Group's systems, creating massive problems for the transportation and logistics company that lasted for weeks. Later, in October 2020, Nefilim managed to deliver a blow to Luxottica, the world’s largest eyewear manufacturer. The data appeared online a month later, exposing almost 830,000 patients in the United States.

As for Whirlpool, the firm hasn’t demonstrated the best practices in general. Almost a year ago, we reported about a customer database being left exposed online, allowing anyone with a web browser and a valid URL to access 28.1 million records coming from 48,000 home appliance devices. To make matters worse, the records concerned hourly device scans that sent back SAID, model numbers, attributes, and the customers' email address.

How to Watch Yes, Chef! Christmas Online from Anywhere
Yes, Chef! Christmas follows Alicia, a culinary school instructor with no goals or aspirations. When Alicia receives an invitation to compete in...
How to Watch European Rugby Champions Cup 2023 Online Free: Live Stream the Matches from Anywhere 
The tenth season of the European Rugby Champions Cup, aka Investec Champions Cup, is upon us. Rugby fans in the UK can...
How to Watch Round and Round Online from Anywhere
Round and Round is an odd Christmas tale about Rachel, who is stuck in a time loop, and forced to relive the...
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari