Security News > 2023 > May > US govt contractor ABB confirms ransomware attack, data theft
Swiss tech multinational and U.S. government contractor ABB has confirmed that some of its systems were impacted by a ransomware attack, previously described by the company as "An IT security incident."
"ABB has determined that an unauthorized third-party accessed certain ABB systems, deployed a type of ransomware that is not self-propagating, and exfiltrated certain data," the company said in a press release.
The investigation is still in its early stages, and ABB is also working with advisors and law enforcement to minimize the ransomware attack's impact.
ABB reported revenue of $29.4 billion for 2022 and has roughly 105,000 employees that develop industrial control systems and SCADA systems for manufacturing and energy suppliers.
While ABB didn't reveal the name of the attackers, BleepingComputer independently confirmed that the attack was conducted by the Black Basta ransomware gang with the help of an anonymous source familiar with the incident.
"ABB recently detected an IT security incident that directly affected certain locations and systems," the company told BleepingComputer in a statement after the attack.
News URL
Related news
- Mega US healthcare payments network restores system 9 months after ransomware attack (source)
- Vodka maker Stoli files for bankruptcy in US after ransomware attack (source)
- US sanctions Chinese firm for hacking firewalls in ransomware attacks (source)
- US sanctions Chinese cybersecurity company for firewall compromise, ransomware attacks (source)
- US Sanctions Chinese Cybersecurity Firm for 2020 Ransomware Attack (source)
- Massive PSAUX ransomware attack targets 22,000 CyberPanel instances (source)
- North Korean Group Collaborates with Play Ransomware in Significant Cyber Attack (source)
- North Korean govt hackers linked to Play ransomware attack (source)
- City of Columbus: Data of 500,000 stolen in July ransomware attack (source)
- Columbus, Ohio, confirms 500K people affected by Rhysida ransomware attack (source)