Electronics manufacturer Data I/O has reported a ransomware attack that took place earlier this month.
Regulatory filings from the firm show it detected a breach of internal IT systems on 6th August.
"Upon discovery, the Company promptly activated its response protocols, took steps to secure its global IT systems and implemented containment measures, including proactively taking certain platforms offline and implementing other mitigation measures," it said.
"The Company also engaged leading cybersecurity experts to support the IT system recovery and conduct a comprehensive investigation,” the Data I/O added.
“Based on the findings, the Company will take additional actions as appropriate, including notifying affected individuals and regulatory authorities in compliance with applicable laws."
According to Data I/O, containment activities have hit IT systems relating to internal and external communications, shipping, receiving, manufacturing production, and various other support functions.
The company hasn't revealed whether it's received a ransomware demand. Similarly, it said there doesn't appear to have been any significant impact on the company’s business operations.
However, Data I/O said it's likely that costs related to the incident, including fees for cybersecurity experts and other advisors, along with the cost of restoring any impacted systems, could have a material impact on its financial results.
Data I/O attack culprits still at large
Data I/O produces electronic device programming systems for integrated circuits, such as flash memory and microcontrollers, with customers including Tesla, Bosch, Amazon, Apple, Google, HP, Microsoft, Siemens, Philips, Sony, and Foxconn.
Around two-thirds of its business currently comes from automotive electronic production, including technology for electric car charging stations. It claims it serves 18 of the world's top 20 automotive electronics suppliers.
Pete Luban, Field CISO at AttackIQ, said given the domain Data I/O works in, it represents a prime target for threat actors.
"Ransomware attacks on manufacturers can have rippling effects down supply chains, especially with Data I/O’s major customers including industry giants like Tesla, Panasonic, Amazon, Google, and Microsoft," he said.
"Manufacturers should use this case as a lesson to enact proactive security measures to mitigate ransomware threats before they’re able to shut down critical systems."
Luban added that security teams should use adversarial emulation to test their defenses against baseline behaviors associated with common ransomware groups:
"This way, organizations can shut off access to sensitive systems and information and keep supply chains intact," he said.
No group has yet claimed responsibility for the attack. However, Scattered Spider or ShinyHunters are likely suspects.
"Given the geopolitics surrounding the chip industry and its high-profile customers, Data I/O is an attractive target for cyber criminals. With shipping delayed, the attack affects not only Data I/O but also the tech giants that rely on their chips to build their products," said Trevor Dearing, director of critical infrastructure at Illumio.
"By hitting critical systems, attackers drive faster payouts and cause deeper damage than traditional data breaches ever did. Ransomware now brings massive downtime, reputational harm, and financial loss."
Make sure to follow ITPro on Google News to keep tabs on all our latest news, analysis, and reviews.
MORE FROM ITPRO
- Ransomware victims are getting better at haggling with hackers
- The ransomware groups worrying security researchers in 2025
- A major ransomware hosting provider just got hit US with sanctions
-
The US government's Intel deal explainedNews The US government has taken a 10% stake in Intel – but what exactly does the deal mean for the ailing chipmaker?
-
KnowBe4 names Joel Kemmerer as new CIONews The experienced IT veteran will help lead critical digital transformation activities as the vendor continues its growth journey
-
74% of companies admit insecure code caused a security breachNews A large number of data breaches are linked to insecure code, prompting calls for better training
-
Cyber pros say the buck stops with the board when it comes to security failingsNews Fines, sanctions, and even prosecution are all on the table when it comes to cyber failings, practitioners believe
-
Microsoft quietly launched an AI agent that can detect and reverse engineer malwareNews Researchers say the tool is already achieving the “gold standard” in malware classification
-
Employee distraction is now your biggest cybersecurity riskNews Workplace distraction is the top reason organizations fall victim to cyber attacks, according to new research.
-
Apple just released an emergency patch for a zero-day exploited in the wild – here’s why you need to update nowNews Apple is warning millions of users of iPhones, iPads and Macs to update their software to protect against an out-of-bounds write vulnerability
-
Cyber teams are struggling to keep up with a torrent of security alertsNews Fragmented identity security processes are creating blind spots, and the proliferation of tools doesn't help
-
The Allianz Life data breach just took a huge turn for the worseNews Around 1.1 million Allianz Life customers are believed to have been impacted in a recent data breach, making up the vast majority of the insurer's North American customers.
-
US authorities just took down 'one of the most powerful DDoS botnets to ever exist’ with help from AWSNews The Rapper Bot botnet was responsible for a series of large-scale DDoS attacks on government agencies and tech companies. Now it's gone.
