After hitting US Fuel supplier Colonial Pipeline, DarkSide Ransomware Group has now targeted Toshiba Business that offers printing and scanning equipment and tools to businesses worldwide.
Although the incident was identified on Friday, Toshiba TEC Corporation decided to reveal these details early today after its IT staff in association with the third-party technical team finished a preliminary inquiry.
Data compromise is evident as the DarkSide malware spreading gang is known to steal data and then encrypt a database until a ransom is paid. However, the Japan-based company says data steal/leak in the DarkSide Security incident on Toshiba is yet to be probed.
Note 1- Discovered in Aug-2020, DarkSide Ransomware is known to operate with 30 odd groups under the same banner and is known to target companies to which data means business. After a 6 day outage of Colonial Pipeline due to a ransomware attack, the Biden administration ordered an investigation in this regard. And FBI in association with DHS has succeeded in seizing some critical infrastructure of the ransomware spreading gang along with some Cryptocurrency belonging to advertisers, founders, and clients- just a few hours ago.
Note 2- After a serious action taken by the law enforcement. DarkSide ransomware operators seem to have softened a bit by announcing a free decryption tool to all of their victims targeted so far. KrebsOnSecurity claims that such a reaction was never expected from such a notorious cybercrime group and they might have been forced to do so by law enforcement.