Royal Enfield, the iconic and globally recognized motorcycle manufacturer, has allegedly been targeted in a severe ransomware attack. A threat actor posted a breach notice on a dark web forum claiming to have achieved a “FULL SYSTEM COMPROMISE” against the corporation. Royal Enfield, originally a British brand founded in 1901 and now a subsidiary of India’s Eicher Motors, is one of the oldest motorcycle brands in the world still in continuous production, making it a high-profile target.
The perpetrators of the attack claim to have enacted a complete data lockdown, asserting that “ALL SERVERS — ENCRYPTED” and “ALL BACKUPS — WIPED.” This suggests a devastating attack aimed at crippling the company’s IT infrastructure. According to the notice, a ransom demand has already been sent to Royal Enfield, with a tight deadline of only 12 hours remaining for the company to comply.
The threat actor is employing a double-extortion strategy by stating that they are accepting bids and offers for the compromised data, should the initial ransom demand go unpaid. This tactic is designed to maximize pressure on the victim organization, threatening not just operational paralysis from the encrypted systems but also the public or private sale of their sensitive information. The actor claims to have proof of access available for potential bidders.
