Whirlpool Hit by Nefilim Ransomware Again
Whirlpool Hit by Nefilim Ransomware Again

Whirlpool, the US-based home appliances maker has been in the news late last year regarding a data leak incident. A ransomware group called Nefilim has breached the Whirlpool Corporation and leaked the stolen data in December 2020.

While the leaked part back then was termed as Part 1, the same ransomware group has now dumped Part 2 of Whirlpool Corporation, which contained its internal industrial data.

Whirlpool Data Leak Part 2

Whirlpool has become so household name today that, we’d see at least one product of it when walked into any of the home appliance stores. The company is involved in making and marketing refrigerators, washers and dryers, microwave ovens, and air conditioners. Also, it sells various other products from several of its subsidiaries like KitchenAid, Maytag, Amana, Jenn-Air, and Consul.

While being popular among households helped the company in retaining them, it also attracted the adversaries who prey on it for profit. For example, the Whirlpool Corporation has been a target of the Nefilim ransomware group late last year, where the hacker group has stolen some unencrypted data from the company.

In a statement to BleepingComputer, Whirlpool Corporation admitted the breach happened in November 2020, with the stolen data being posted by the Nefilim group on December 26th, 2020. This is because the negotiations between Whirlpool and Nefilim group have failed, as revealed by the ransomware group.

Further, they said that “Whirpools cybersecurity is very fragile, which allowed us to breach their network for the second time after they stopped the negotiations.” This makes the incident more intriguing since the Nefilim group has now posted the second part of the hack on their data leak site. Below are some redacted images of the dump.

Stolen files included in the Whirlpool data leak
Stolen files included in the Whirlpool data leak
Industry materials data of Whirlpool
Materials Audit details of Whirlpool plant
Internal work charts belonging to Whirlpool
Internal work charts belonging to Whirlpool
Materials Audit details of Whirlpool plant
Materials Audit details of Whirlpool plant

The ransomware group has listed a file “Whirpool_part_2” on March 2nd on their data leak site, which has the details concerning Whirlpool’s internal industry data like;

  • Worksheets
  • Floor Plans
  • Master plans
  • Internal Logistics
  • CAD drawings
  • Supplier Materials Data
  • Invoices/Quotations and
  • Pretty much everything about Whirlpool’s WCM data.

Further, there are few photos and videos displaying the floor workers engaged in their duties. Analyzing the data, we’ve learned the leaked data belonged to the Whirlpool plant in Cleveland, Tennessee, USA. We’ve informed Whirlpool and asked for a comment and didn’t receive any response yet.

LEAVE A REPLY

Please enter your comment!
Please enter your name here