Crown Equipment, a prominent industrial and forklift truck manufacturer based in Ohio, has fallen victim to a cyberattack orchestrated by an international cybercriminal organization, the company confirmed to its employees on Tuesday.
The acknowledgment came nearly a week after the company’s network experienced a massive outage on June 9, which was followed by a halt in manufacturing operations on June 10, as reported by German security blogger Günter Born.
In a letter sent to employees and later published by Bleeping Computer, Crown Equipment revealed that the cybercriminals were able to breach their system due to an employee granting unauthorized access to their device. Despite having several security measures in place, the company stated that the hackers were only able to access limited data and emphasized that there is no evidence suggesting that employee information was specifically targeted.
The full extent of the cyberattack and its impact on the company’s operations are still shrouded in mystery, as Crown Equipment has chosen to maintain a level of secrecy regarding the incident. The company has enlisted the help of the FBI and external cybersecurity experts to address the breach. While some IT systems have been brought back online, manufacturing activities are expected to remain suspended until June 24 based on reports from affected employees.
Speculations circulating among employees, though not confirmed by the company, suggest that the cyberattack may have involved ransomware. The true scope of the breach is yet to be determined, with possibilities ranging from a contained incident to a more widespread compromise that necessitated the shutdown of operations as a precautionary measure.
The prolonged recovery timeline could indicate efforts to ensure that all systems are thoroughly cleansed of any malware before being restored. This cautious approach may also be aimed at preventing potential re-infections and safeguarding against the encryption of backup data.
While the immediate financial impact on Crown Equipment is apparent through the disruption of manufacturing activities, the fallout from the cyberattack extends beyond the company itself. Employees have expressed frustration over the lack of communication and clarity regarding the downtime and its implications for their livelihoods. Additionally, businesses reliant on Crown Equipment’s products and services may also experience setbacks as a result of the manufacturing standstill.
As Crown Equipment navigates the aftermath of the cyberattack and works towards restoring normal operations, rebuilding trust with employees and stakeholders will be a critical aspect of its recovery process. The incident serves as a stark reminder of the pervasive threat posed by cybercriminals and underscores the importance of robust cybersecurity measures in safeguarding against future attacks.