Whirlpool, the US-based home appliances maker has been in the news late last year regarding a data leak incident. A ransomware group called Nefilim has breached the Whirlpool Corporation and leaked the stolen data in December 2020.
While the leaked part back then was termed as Part 1, the same ransomware group has now dumped Part 2 of Whirlpool Corporation, which contained its internal industrial data.
Whirlpool Data Leak Part 2
Whirlpool has become so household name today that, weโd see at least one product of it when walked into any of the home appliance stores. The company is involved in making and marketing refrigerators, washers and dryers, microwave ovens, and air conditioners. Also, it sells various other products from several of its subsidiaries like KitchenAid, Maytag, Amana, Jenn-Air, and Consul.
While being popular among households helped the company in retaining them, it also attracted the adversaries who prey on it for profit. For example, the Whirlpool Corporation has been a target of the Nefilim ransomware group late last year, where the hacker group has stolen some unencrypted data from the company.
In a statement to BleepingComputer, Whirlpool Corporation admitted the breach happened in November 2020, with the stolen data being posted by the Nefilim group on December 26th, 2020. This is because the negotiations between Whirlpool and Nefilim group have failed, as revealed by the ransomware group.
Further, they said that โWhirpools cybersecurity is very fragile, which allowed us to breach their network for the second time after they stopped the negotiations.โ This makes the incident more intriguing since the Nefilim group has now posted the second part of the hack on their data leak site. Below are some redacted images of the dump.
The ransomware group has listed a file โWhirpool_part_2โ on March 2nd on their data leak site, which has the details concerning Whirlpoolโs internal industry data like;
- Worksheets
- Floor Plans
- Master plans
- Internal Logistics
- CAD drawings
- Supplier Materials Data
- Invoices/Quotations and
- Pretty much everything about Whirlpoolโs WCM data.
Further, there are few photos and videos displaying the floor workers engaged in their duties. Analyzing the data, weโve learned the leaked data belonged to the Whirlpool plant in Cleveland, Tennessee, USA. Weโve informed Whirlpool and asked for a comment and didnโt receive any response yet.