Back to Feed
RansomwareJun 30, 2026

Blackfield ransomware asks Nidec Corporation for $2 million ransom

Blackfield ransomware gang demands $2 million from Nidec Corporation after data breach.

Summary

The Blackfield ransomware gang is demanding a $2 million ransom from Nidec Corporation, a major Japanese manufacturer of electronic components, following a ransomware attack on its Taiwanese subsidiary. The attackers claim to have stolen data and are threatening to leak or sell it if the ransom is not paid. Nidec is investigating the extent of the breach and potential impact on its operations, while also noting a past data breach in October 2024.

Full text

Blackfield ransomware asks Nidec Corporation for $2 million ransom By Bill Toulas June 30, 2026 05:41 AM 0 The Blackfield ransomware gang is asking for a $2 million ransom from Nidec Corporation, a large Japanese manufacturer of electronic components for automotive and computing applications. Nidec is a leader in producing motors of all sizes, from micro-precision ones used in phones and hard drives to heavy-duty motors for robotics, elevators, and large HVAC systems. The company also designs motors for electric vehicles, electric power steering systems, and advanced driver-assistance systems. With annual revenue of $17.2 billion, 100,000 employees, and operations in over 40 countries through manufacturing facilities and subsidiaries, Nidec is a global leader in electric motor manufacturing. In a statement last week, Nidec said that its Taiwanese subsidiary, Nidec Chaun Choung Technology, was compromised in a ransomware attack. “On Monday, June 22, 2026, ransomware-originated damage was confirmed in part of Nidec Chaun Choung Technology’s server,” Nidec says. “Thereafter, to prevent the spread of the damage, emergency measures, including shutting down the affected server and network, were taken.” The company also disclosed a “possibility of information leak,” although no personal or confidential information has been confirmed to have been leaked online. Regarding the impact on operations, Nidec stated that it is currently investigating how production, shipping, and other business operations might be impacted by the incident, but does not expect the fallout to extend to other Nidec Corporation or Nidec Group companies. Blackfield ransomware has claimed the attack and gave Nidec more than 15 days to respond and engage in negotiations, under the threat of publishing or selling the stolen data. To delete the allegedly stolen information, the threat actor is demanding a payment of $2 million. For $5,000, the actor is willing to extend by one day the deadline for leaking the data. Blackfield's post also includes a link to download the data immediately for the price of $400,000. Blackfield ransomware extortion portalSource: BleepingComputer The threat actor also leaked samples of data showing file structures and various documents to prove the data breach. However, BleepingComputer could not confirm the validity of the information. In October 2024, Nidec Corporation announced that it suffered another data breach by ransomware actors, which targeted its Vietnam-based Nidec Precision division, exposing over 50,000 sensitive files. That attack was claimed by both the 8Base and Everest gangs, which attempted to extort Nidec separately. Test every layer before attackers do Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen.The Picus whitepaper shows how breach and attack simulation tests your SIEM and EDR rules so threats stop slipping by detection. Get the whitepaper Related Articles: New Prinz Eugen ransomware prioritizes recent files for encryptionTrellix source code breach claimed by RansomHouse hackersFoxconn confirms cyberattack claimed by Nitrogen ransomware gangKarakurt extortion gang ‘cold case’ negotiator gets 8.5 years in prisonCritrical cPanel flaw mass-exploited in "Sorry" ransomware attacks

Indicators of Compromise

  • malware — 8Base
  • malware — Everest

Entities

Blackfield ransomware (product)Nidec Corporation (vendor)Blackfield ransomware gang (threat_actor)8Base (threat_actor)Everest (threat_actor)