Unauthorized Access and Data Exposure
Kubota North America Corporation has confirmed that an unauthorized party gained access to some of its network systems for over a month earlier this year. The company’s investigation revealed that between March 16 and April 20, a threat actor accessed files containing personal information of employees and their dependents. Kubota, a Japanese industrial manufacturer known for agricultural and construction equipment, operates in 120 countries, employs over 52,000 people, and reports annual revenue of $20 billion. Its North American division focuses on producing tractors, mowers, and utility vehicles.
Sensitive Information Compromised
The exposed data may include full names, Social Security numbers, dates of birth, taxpayer IDs, driver’s license numbers, direct deposit bank account information, corporate payment card data, and benefits enrollment details. The specific information compromised varies per individual. Starting June 30, Kubota began sending personalized notifications via email to affected individuals, outlining the specific impact on them. These notifications include instructions for enrolling in Kroll identity protection services to help mitigate risks from the exposure. The company advises recipients to monitor healthcare related statements and bank accounts, and to report any suspicious activity to authorities. Kubota states it has implemented additional security measures to prevent future incidents. No ransomware or extortion group has claimed responsibility, and the company reported no operational disruptions.
Source: BleepingComputer
