BERNINA International hacked! Swiss-based BERNINA International AG, a leading manufacturer of sewing and embroidery machines, has been added to the victim list of the ALPHV ransomware group.
The cybercriminals claim to have gained access to vast data, including customer, client, and employee data, NDA contracts, and drawings.
Reports suggest that experienced pen testers who worked on the case seized over 200 gigabytes of information, including 415,000 files, and encrypted more than 30 volumes in cluster storage.
The attack’s impact has been felt in the company’s offices in Switzerland and Thailand, with tapes and NAS wiped clean. Additionally, the attackers successfully encrypted seven Hyper-V.
BERNINA International is yet to reply to our requests for comments.
BERNINA International hacked: Data at risk
The ALPHV ransomware group posted the “BERNINA International hacked” notice on their leak site, claiming that the stolen data includes sensitive information, such as customer and client data, employee data and insurance details, NDA contracts and documents, drawings and developments, and bank data and reports.
The ALPHV ransomware group also claim to have Bernina’s full contact list and chat history and have also accessed Bernina’s GDPR clients, contract agreements, and bank cash statements (without 2023).
BERNINA International getting hacked is the latest instance of a textile industry major being targeted by cybercriminals. In March 2022, a textile machine manufacturer in Germany was hit by a cyber attack, while in August 2021, a Swiss textile machinery manufacturer was hit by a ransomware attack.
These incidents demonstrate that the textile industry is vulnerable to cyber threats, and businesses in the sector must take proactive measures to safeguard their systems and data. Additionally, extortion gangs such as the ALPHV ransomware group are becoming increasingly sophisticated and leveraging advanced technologies to carry out attacks.
BERNINA International hacked: What needs to be done!
In today’s digital age, organizations must prioritize the security of their systems and data. The recent attack on BERNINA by the ALPHV ransomware group highlights the urgent need for businesses to implement robust cybersecurity protocols and response plans.
To mitigate the risk of cyber attacks, organizations should have regular backups of critical data, multi-factor authentication, and comprehensive employee training on identifying and preventing cyber threats. By implementing these measures, businesses can strengthen their cybersecurity infrastructure and reduce the likelihood of successful attacks.
In the event of a cyber attack, like the one we saw where BERNINA International hacked, having a clear communication strategy and incident response plan is essential to minimize the damage caused.
The response plan should outline the steps taken immediately after an attack, including identifying and containing the threat, assessing the damage, and notifying stakeholders. By having a clear plan, businesses can respond quickly and effectively to any incident, reducing the impact on their operations and reputation.