RansomEXX claims cyberattack on Ski-Doo and Sea-Doo maker

The RansomEXX ransomware group is claiming responsibility for the hacker attack against Bombardier Recreational Products (BRP), disclosed by the firm on Aug 8.

At the time, the Canadian maker of Ski-Doo snowmobiles, Sea-Doo jet skis, ATVs, motorcycles, and Rotax engines informed the public of a temporary stop for all operations as a response to malicious cyberactivity.

The operational halt impacted production, too, and was expected to cause delays in certain transactions with customers and suppliers.

BRP employs over 20,000 people, counts close to $6 billion in annual sales, and distributes various products in more than120 countries, so even a minimal disruption in its production can have a serious financial impact.

On Aug 15, BRP provided an update on the situation, saying that four manufacturing sites in Canada, Finland, the U.S., and Austria resumed production, with the rest to follow suit by the end of that week.

In the same statement, the firm presented the first results of its internal investigation, saying that the hackers breached its systems via a supply chain attack:

The Company confirms that the malware infiltration came through a third-party service provider. BRP believes that the impact of the cyberattack was limited to its internal systems.

At this time, while the investigation is still ongoing, it has not revealed any evidence that its clients' personal information would have been affected by the attack.

BRP promised to notify individuals or corporations directly if the ongoing investigation reveal a more widespread data breach.

The other day, one of the largest platforms for trading CS:GO skins CS.MONEY has taken its website offline after a hacker attack allowed threat actors to loot 20,000 items worth nearly $6,000,000.