BRP (Bombardier Recreational Products) was riding high on August 8, 2022. One day removed from introducing its latest Can-Am, Sea-Doo, Rotax, Alumacraft, and Manitou lineups at the Club BRP 2023 event, the future seemed bright for the Canadian company. That is, until a cyberattack crippled the conglomerate’s operations and production.
Ransomware gang RansomEXX promptly took credit for the “malicious cyberactivity”, stealing 29.9GB of files pertaining to non-disclosure agreements, passports, IDs, contracts, and supply agreements. RansomEXX (aka Defray777 and Ransom X) is a human-operated ransomware variant that targets corporations by stealing personal data and encrypting internal files. If the company refuses to pay a ransom for decrypting the files, RansomEXX threatens to publicize the looted information.
Fortunately, BRP reports that no customer data was compromised in the breach. However, further investigative efforts revealed that RansomEXX also accessed employee login credentials during the attack. BRP has since asked its employees to change their passwords to avoid additional vulnerabilities.
"Cybersecurity at BRP is a top priority. We have a strong team of experts committed to taking every appropriate measure to ensure the integrity of systems and data," proclaimed BRP President and CEO José Boisjoli. "I thank them for all their efforts to mitigate the consequences of the attack."
As of August 16, 2022, BRP announced that its Valcourt (Canada), Rovaniemi (Finland), Sturtevant (USA), and Gunskirchen (Austria) plants resumed production after a week-long shutdown. The company’s other production facilities ramped up in a phased approach shortly after.
In the released statement, BRP also claimed that it “has put in place a recovery plan to minimize the financial consequences of the cyberattack and does not anticipate any impact on its year-end financial guidance.”
On the other hand, it seems like BRP still isn’t out of the woods. The company recently released a statement in response to Montreal newspaper La Presse's coverage, claiming that “(BRP) will not comment on any discussions or potential negotiations with cyber threat actors, including any ransom payments.”
Hopefully, BRP fully fends off the attack and returns to business as usual. The firm recently announced Can-Am's return to the two-wheeled market with the electric Pulse and Origin concepts. It would be a shame to see those models delayed due to RansomEXX’s cyberattack.