Home appliances giant Whirlpool suffered a ransomware attack by the Nefilim ransomware gang who stole data before encrypting devices.
A confidential source who spoke to Bleeping Computer reported that the initial attack took place during the first week of December.
According to a statement from Whirlpool, however, the breach may have occurred in November. “Last month Whirlpool Corporation discovered ransomware in our environment,” the statement begins. It continues, “the malware was detected and contained quickly.”
Whirlpool’s statement asserts that no consumer data was affected and that there is “no operational impact” even as the company continues to investigate and remediate.
Corporate data, however, does appear to have been accessed by the attackers. A pair of files that were reportedly stolen during the attack were posted to the gang’s leak site.
In its post, the Nefilim group claimed that the files were only posted after initial negotiations with Whirlpool didn’t result in the ransom being paid.
