Zipper giant YKK confirms cyberattack targeted U.S. networks
Japanese zipper giant YKK confirmed that its U.S. operations were targeted by hackers in recent weeks but said it was able to contain the threat before damage was caused.
The Tokyo-based corporation would not say if it was hit with ransomware, but a spokesperson told Recorded Future News that once YKK discovered that its U.S.-based networks were targeted, the cybersecurity team “contained the threat before significant damage was done or sensitive information was exfiltrated.”
“The incident did not have a material impact on our operations or our ability to continue to serve our customers,” said Jessica Kennett Cork, vice president of corporate communications at YKK Corporation of America.
YKK has more than 44,000 employees across the world and an annual revenue of more than $6 billion. It is the world’s largest zipper manufacturer but also produces other fastening products, industrial machinery, plastic goods and more.
“There is no evidence that personal or financial information or intellectual property was compromised. We take cybersecurity seriously and thank our stakeholders for their continued trust in YKK," Cork said.
The company did not respond to follow-up questions about the nature of the cyberattack and whether a ransom was issued. But on June 2, the LockBit ransomware posted the company on its leak site, threatening to leak data stolen from YKK by June 16.
The LockBit ransomware gang's posting.
The gang posted YKK alongside dozens of other organizations from around the globe. The group continues to be the most prolific ransomware operation in the world, more than doubling the number of attacks launched by its competitors.
In 2023 the group kept up its attacks, targeting everything from churches to bus companies, sheriff's offices and city governments. They most recently stole the personal information of nearly nine million people across the United States from Managed Care of North America, the largest dental insurer in the nation for government-sponsored Medicaid and Children’s Health Insurance Programs.
Last month, the Justice Department said LockBit first appeared around January 2020 and has been involved in over 1,400 attacks against victims in the United States and elsewhere, “issuing over $100 million in ransom demands and receiving over $75 million in ransom payments.”
Jonathan Greig is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.