Nefilim ransomware operators leak data stolen from Whirlpool

The American multinational manufacturer and marketer of home appliances Whirlpool was hit by the Nefilim ransomware gang.

The American multinational manufacturer and marketer of home appliances Whirlpool suffered a ransomware attack, Nefilim ransomware operators claim to have stolen data from the company and threaten to release the full dump if the company will not pay the ransom.

The leak comes after failed negotiations with the executives of Whirlpool.

The company markets multiple brands, including Whirlpool, Maytag, KitchenAid, JennAir, Amana, Gladiator GarageWorks, Inglis, Estate, Brastemp, Bauknecht, Ignis, Indesit, and Consul. Their website also mentions Diqua, Affresh, Acros, and Yummly brands.

The company has over 77,000 employees at 59 manufacturing & technology research centers worldwide and generated $20 billion in revenue for 2019.

During the weekend, the Nefilim ransomware operators published the first batch of data that includes documents related to employee benefits, accommodation requests, medical information requests, and other info. 

“This leak comes after long negotiations and unwillingness of executives of Whirlpool Corporation to uphold the interests of their stakeholders. Whirpools cybersecurity is very fragile, which allowed us to breach their network for the second time after they stopped the negotiations.” states the message published by the ransomware gang on their leak site.

The Nefilim ransomware gang leaked a text file and a 7zip archive named Whirlpool_filelist.txt and Whirlpool_part1.7z respectively.

Bleeping Computer reported that the security breach took place in early December.

In October the Nefilim ransomware operators leaked a long list of files belonging to Italian eyewear and eyecare giant Luxottica.

Other victims of the ransomware gang are the mobile network operator Orange,  the independent European leader in multi-technical services The SPIE Group, the German largest private multi-service provider Dussman Group, and the Toll Group.

If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Whirlpool)

[adrotate banner=”5″]

[adrotate banner=”13″]