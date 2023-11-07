LockBit Ransomware Steals 4.5 TB of Sensitive Data from Shimano

Nov 7, 2023
by Jessie-May Morgan  
Shimano factory visit 2018

Shimano is the latest high-profile victim of ransomware specialists LockBit, with 4.5 TB of sensitive data reported to have been stolen. Cyber Daily reports that the stolen data is said to pertain to both Shimano customers and employees.

LockBit, previously known as ".abcd" after the file extension it adds to encrypted files, is a major cybersecurity threat that is known to have hit major companies such as Royal Mail, Boeing and Continental in recent years. Another major brand hit recently by a similar cybersecurity threat includes Canyon Bicycles. The ransomware works by encrypting valuable data such that the company is no longer able to access it. Furthermore, LockBit also threatens to post a victim's data on the dark web unless a ransom payment (often in the form of cryptocurrency) is made within a few days.

In the case of the Shimano data breach, the company was allegedly given a deadline of November 5th 2023. Details of the ransom amount are unknown, and we have been unable to verify that deadline, or learn of whether or not Shimano gave in to any demands.

In Japan, while it is not illegal to pay the ransom in the case of a cybersecurity threat, the laws does state that, "if a director of a company negligently pays a ransom and therefore causes unjustifiable losses to the company, such payment can be considered as a breach of duty of care owed to the company". It also reads, "in any case of data breach, handling operators are also required to notify the data subjects whose personal data is compromised".

We have reached out to Shimano for comment, and will provide an update here as more information comes to light.

Posted In:
Industry News Shimano


Author Info:
jessiemaymorgan avatar

Member since Oct 26, 2023
4 articles
Report
31 Comments
  • 58 1
 If it were me I would not ask for a ransom, just for brakes with a consistant bite point.
  • 8 1
 And a way to make my XTR cassette quick creaking
  • 4 0
 @Speeder01: Gotta get those super thin plastic shims to put behind the cassette.
  • 9 0
 @Speeder01: are you sure you properly tightened the lockbit?
  • 4 0
 @Speeder01:https://www.bikeparts.com/BPC472937/shimano-xtr-cs-m9100-cassette-low-spacer

The cassette part number CS-9100-12 needs this stupid thin plastic "cassette low spacer" to make the creak go away....mine lasted a while and has now returned so I'm guessing these wear out.

CS-9101-12 is the fixed version that supposedly doesn't need it.
  • 1 0
 @Tsoxbhk: feel free to share part numbers
  • 2 0
 That should just about cover the dura ace and ultegra warranty returns folder
  • 1 0
 Especially cranksets
  • 1 0
 @jason3559: QBP is out of stock but they list this as the Manufacturer Part Number: Y1X401500. Might be able to order direct from Shimano.
  • 1 2
 Standard thirsty upvote comment…codes are the worst! Bmx background..looks like a session. EEBS ARE MOTORCYCLES
  • 22 0
 oh damn, now someone on the dark web has access to my favorite rear cog usage from my di2!!!!!!
  • 3 0
 4?
  • 10 1
 Did they use grip shift to twist the plot?
  • 1 0
 Grip Shit is Sram and it sucks Revo Shift is Shimano and it works.
  • 6 0
 That's a great catch for them hackers. Now they just have to reel in the money.
  • 8 3
 I guess it's good that Shimano had record profits recently.
  • 4 1
 As well as record losses shortly after that due the crank recall.
  • 6 2
 They got the secret data about exactly how quickly an XT clutch is designed to fail.
  • 2 0
 I guess Scott was the first bike company, whose files have been encrypted. They could not remember the name of a brand new bike and just called it Ransom.
  • 4 1
 Plot twist, it was just patents that Shimano never actually used...
  • 3 0
 *NEW* Shimano CenterLock would have been a better title Wink
  • 2 0
 Dang! We will never see the Shimano proprietary Integrated cable headset after this heist!
  • 2 0
 Let's hope their eeb firmware goes opensource, would be great to have peer review of their battery drain issues.
  • 2 0
 "Just click this link to see the new SRAM products just released"...
  • 2 0
 Damn is my wife now going to know all of my spending habits?
  • 1 0
 I'm sure they can put some ninjas on the case...thinking about throwing Dura-Ace 11t lockrings.
  • 2 0
 OH NO!?! They've stolen Shimano's newest 8spd technology.
  • 2 0
 And in further news, SRAM has purchased LockBit.
  • 2 0
 #shimaneynono
  • 1 0
 Ha, like it - Although I think you needed another no on the end :-)
  • 1 0
 that's a lot of ones and zeros.







