Home Appliance Maker ‘Whirlpool’ Hit by Ransomware Actors

  • The Nefilim ransomware gang has compromised ‘Whirlpool’, and the first data samples are already out.
  • Whirlpool says the attack doesn’t significantly impact its operations and that customer data hasn’t been compromised.
  • Nefilim is not the most active ransomware actor out there, but when they hit, they pick big targets.

The Nefilim group of ransomware actors has had a successful breach into Whirlpool’s corporate network, stealing data from the home appliance giant and encrypting a large number of devices. The hackers are already leaking samples of the stolen data on the dedicated leak website, essentially raising the heat of extortion for the victim. The first documents that appeared there include medical information requests, employee background checks, benefit details, accommodation requests, and various other “secondary” files.

Source: BleepingComputer

According to a report by BleepingComputer claiming expert sources, the attack occurred in the first weekend of December, which is consistent with the time of the leaks. Whirlpool has since restored its systems fully, but they had to admit the ransomware incident now, and they did. In their statement, the firm claims that the detection and containment of the malware happened immediately, and so the production of goods wasn’t impacted at all. Moreover, they gave assurances that no customer information was exposed or compromised, so this affects only Whirlpool employees.

Whirlpool is a very lucrative target for hackers, being a Fortune 500 company employing over 92,000 people, and having an annual revenue figure of more than $21 billion. However, succeeding in delivering a notable blow in its production lines is very unlikely as the firm operates nine individual manufacturing facilities across the United States. This is why threat actors rely on data-stealing more than encrypting and locking.

Nefilim is not among the most active ransomware groups out there, but they are known for targeting the “big fishes” out there. In May 2020, Nefilim compromised the Toll Group's systems, creating massive problems for the transportation and logistics company that lasted for weeks. Later, in October 2020, Nefilim managed to deliver a blow to Luxottica, the world’s largest eyewear manufacturer. The data appeared online a month later, exposing almost 830,000 patients in the United States.

As for Whirlpool, the firm hasn’t demonstrated the best practices in general. Almost a year ago, we reported about a customer database being left exposed online, allowing anyone with a web browser and a valid URL to access 28.1 million records coming from 48,000 home appliance devices. To make matters worse, the records concerned hourly device scans that sent back SAID, model numbers, attributes, and the customers' email address.

REVIEW OVERVIEW

Latest

Demon Slayer: Why Does Tanjiro Have a Scar?

If you haven't watched the latest season of Demon Slayer: Kimetsu no Yaiba, everything below is a spoiler!...

Demon Slayer – Kimetsu no Yaiba: Why Does Tanjiro Have a Black Sword?

In the Kimetsu no Yaiba verse, all Demon Slayers are gifted with their own personal Nichirin Blade once they pass the final...

How To Watch F1 Live Stream on Firestick in 2022

Amazon's Firestick (Fire TV Stick) comes with thousands of high-quality apps available via the Amazon App Store. So, if you want to...
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari