Toshiba hacked by DarkSide, the same Eastern European ransomware group that hacked Colonial Pipeline

DarkSide has struck again. A Toshiba Corp unit announced today it was hacked by Darkside, the same Eastern European ransomware group that hacked Colonia Pipeline last week.

Toshiba Tec Corp, which makes products such as bar code printers and is valued at $2.3 billion, was hacked by DarkSide – the group widely believed to be behind the recent Colonial Pipeline attack, according to a report from Reuters, citing Toshiba French subsidiary.

However,  Toshiba said that only a minimal amount of work data had been lost. “There are around 30 groups within DarkSide that are attempting to hack companies all the time, and they succeeded this time with Toshiba,” said Takashi Yoshikawa, a senior malware analyst at Mitsui Bussan Secure Directions.

The company added that employees accessing company computer systems from home during pandemic lockdowns have made firms more vulnerable to cyber attacks, he added.

Screenshots of DarkSide’s post provided by the cybersecurity firm said more than 740 gigabytes of information was compromised and included passports and other personal information.

Reuters said it could not access DarkSide’s public-facing website on Friday. Security researchers said DarkSide’s multiple websites had stopped being accessible.

According to another report from Kela, an Israeli cyber intelligence startup company, the new version of Darkside ransomware includes faster encryption speed, VoIP calling, and virtual machine targeting. Kela also claims that the Windows version of Darkside 2.0 “encrypts files faster than any other ransomware-as-a-service (RaaS), and is twice as fast as the previous version. It means that victims have even less time “to pull the plug” if they discover that their network is infected.”