BusinessCybersecurityNewswireTechnology

Kubota reveals hackers accessed network systems for a month

▼ Summary

– Hackers accessed Kubota North America’s network systems between March 16 and April 20, exposing employee and dependent personal information.
– Exposed data includes full names, Social Security numbers, dates of birth, taxpayer IDs, driver’s license numbers, bank account info, and benefits data.
– Kubota began sending personalized email notifications on June 30, offering Kroll identity protection and advising recipients to monitor accounts for suspicious activity.
– The company has implemented additional security measures to prevent future incidents and reported no operational or business disruptions.
– No data extortion groups or ransomware gangs have claimed responsibility for the attack.

Kubota North America Corporation has confirmed that an unauthorized party infiltrated its network systems and maintained access for over a month earlier this year. The breach, which went undetected for weeks, exposed sensitive personal information belonging to employees and their dependents.

Following an internal investigation, the company determined that the threat actor had access to its systems from March 16 through April 20. During that period, files containing a broad range of employee data were compromised. Kubota, a Japanese industrial giant best known for its agricultural and construction equipment, operates in 120 countries with a workforce exceeding 52,000 people and annual revenues reported at $20 billion. Its North American division oversees facilities that manufacture tractors, mowers, and utility vehicles.

According to the disclosure published on the Kubota USA website, the following data types may have been accessed: full names of employees and their dependents, Social Security numbers, dates of birth, taxpayer IDs, driver’s license or other government identification numbers, direct deposit bank account information, corporate payment card details, and benefits enrollment data including limited claims information.

The specific data exposed varies from person to person. Kubota began sending personalized email notifications on June 30, informing each affected individual about the precise information stolen in their case. Those notices include instructions for enrolling in Kroll identity protection services, designed to help victims mitigate the risks associated with the exposure of their sensitive data.

In the notification letters, Kubota advises recipients to monitor healthcare-related statements and bank accounts closely, and to report any suspicious activity to law enforcement immediately. The company states it has implemented additional security measures to prevent similar incidents in the future.

As of now, no data extortion groups or ransomware gangs have claimed responsibility for the attack. Kubota has not reported any operational or business disruptions resulting from the breach. BleepingComputer reached out to Kubota for further details about the perpetrators and the nature of the attack but did not receive a response by the time of publication.

(Source: BleepingComputer)

Topics

data breach 98% employee data exposure 95% cybersecurity incident 93% personal identifiable information 90% identity protection 88% financial data theft 87% fraud monitoring 86% corporate notification 85% security remediation 83% industrial manufacturer 82%