Home appliances giant Whirlpool suffered a ransomware attack by the Nefilim ransomware gang who stole data before encrypting devices.
Whirlpool is one of the world’s largest home application makers with appliances under its name and KitchenAid, Maytag, Brastemp, Consul, Hotpoint, Indesit, and Bauknecht. Whirlpool employs 77,000 people at 59 manufacturing & technology research centers worldwide and generated approximately $20 billion in revenue for 2019.
Over the weekend, the Nefilim ransomware gang published files stolen from Whirlpool during a ransomware attack. The leaked data included documents related to employee benefits, accommodation requests, medical information requests, background checks, and more.
A source in the cybersecurity industry has told BleepingComputer that the Nefilim ransomware gang attacked Whirlpool in the first weekend of December.
If you have first-hand information about this or other unreported cyberattacks, you can confidentially contact us on Signal at +16469613731 or on Wire at @lawrenceabrams-bc.
In a statement to BleepingComputer, Whirlpool confirmed the attack and said they are slowly bringing their systems back into service.
“We live in a time when Illegal cyber crimes are all too prevalent across every industry. Data privacy is a top priority at Whirlpool Corporation and we invest in the technology and processes to help protect our people, our data and our operations.”
“Last month Whirlpool Corporation discovered ransomware in our environment. The malware was detected and contained quickly. We are unaware of any consumer information that was exposed. There is no operational impact at this time,” Whirlpool Corporation told BleepingComputer in an email.
Nefilim is not a particularly active ransomware operation but is known for attacks on other large and well-known victims in the past.
Other victims attacked by Nefilim include Orange S.A., Dussman Group, Luxottica, and Toll Group.