BlackCat posts luxury watchmaker Seiko to its victim blog

Ransomware gang BlackCat posts watch company Seiko to its victim blog
BlackCat posted luxury watchmaker Seiko to its victim blog this morning, following the latter's announcement of a breach earlier this month.

By Claudia Glover


Global luxury watch brand Seiko has been breached by the ransomware group BlackCat, according to the gang’s website. Also known as ALPHV, the organisation released several tranches of what appears to be confidential data stolen from the Japanese watchmaking firm, including schematics on an unreleased watch model.

Seiko has been aware of the breach for some weeks. Earlier this month, the firm announced that it had been hit by a ‘possible data breach’ on July 28th, adding that an ‘as-yet-unidentified party had gained unauthorised access to at least one of [its] servers.’ The alert went on to explain that an investigation into the incident had been launched, and apologised to anyone suffering any effects of the breach.

A close-up of a Seiko-manufactured wristwatch.
A close-up of a Seiko-manufactured wristwatch. The Japanese watchmaker was recently claimed as the latest victim of BlackCat on the ransomware gang’s website. (Photo by Strahlengang/Shutterstock)
Founded in 1975 and headquartered in Tokyo, Japan, Seiko employs over 12,000 staff and as of March 2023 boasted an annual profit of $824.97mn. The data from the company posted on BlackCat’s victim portal includes plans for a new watch called the Seiko Transformer and the passport of the director of the Watch Corporation, a Seiko subsidiary. There is no mention on the portal about a deadline for negotiations or a possible ransom. Seiko did not respond to requests for comment.

ALPHV #ransomware group has added Seiko Group Corporation (https://t.co/pOVsbqYLPJ) to their victim list.

Seiko, is a Japanese maker of watches, clocks, electronic devices, semiconductors, jewelry, and optical products.#Japan #alphv #darkweb #databreach #cyberattack pic.twitter.com/zF8kAsp0P4

— FalconFeedsio (@FalconFeedsio) August 21, 2023
Who is BlackCat?
BlackCat is a notorious, Russian-speaking ransomware gang that is best known for attacking healthcare providers, financial institutions, government departments and the education sector. Its payloads are written in the Rust programming language, which makes it harder for ransomware researchers to track them.

BlackCat is thought by many to be a possible rebranding of DarkSide, the gang behind the hacking of the Colonial Pipeline in 2021, an incident that forced the US federal government to invoke emergency powers to guard against unexpected fuel shortages. According to the FBI, the gang’s operators include many developers and money launderers who migrated from the DarkSide ransomware platform.

BlackCat has posted confidential data stolen from several companies to its victim portal in recent months, including, in May, 6GB of data was purloined from Munster University in Ireland. In June, Bart’s Health NHS Trust also made an appearance, after the gang claimed it had lifted 70 terabytes of data from the medical organisation. Later that month, BlackCat additionally claimed to have attacked Reddit, demanding that the social media site pay a ransom of $4.5m for the data the gang had stolen and for the site to withdraw its controversial API policy.