Apparent Ransomware Attack Halts Operations at Crown Equipment for Second Week
20 June 2024 at 13:28
Crown Equipment Cyberattack Overview
Since approximately June 8th, Crown's employees reported a breach in the company's IT systems. This breach led to a complete shutdown of systems, preventing employees from clocking in their hours, accessing service manuals, and in some cases delivering machinery. In an internal email sent to employees, the heavy machinery manufacturer confirmed the cyberattack and advised employees to ignore multifactor authentication (MFA) requests and to be cautious of phishing emails."I currently work there. Everyone is scrambling, can't order parts except for TVH and that's strictly for emergencies. The company hasn't officially announced that it's been hacked but they keep pushing the importance of MFA. We can read between the lines."Β - Reddit User (Williams2242)The company in its press release revealed that the breach necessitated the shutdown of their operating systems to investigate and resolve the issue without giving details on the hackers and their ransom demand, if any.
Crown Equipment Attack Details
Crown disclosed that many of their security measures were effective in limiting data access by the criminals. However, the breach likely occurred due to an employee not adhering to data security policies that resulted in unauthorized access to their device, according to a Reddit post."I heard someone got a call from a hacker pretending to be IT. They installed a fake VPN on their computer and got access to everything. They created a privileged account on the network that gave them access all the systems. The network went down Sunday and it's been down since with no ETA." - Reddit User (DragonflyJust2223)This speculation suggests a social engineering attack where the threat actor installed remote access software on the employee's computer. BornCity, a website maintained by a German-speaking digital observer, first reported the possibility of a hack nearly a week ago. Citing a distant source who used to work at the manufacturing plant of Crown, BornCity said the problems were likely due to a 'coding bug.' "This had sent the Crown 360 (a service likely based on the Microsoft Cloud and Office 365) solution downhill β but I take that information not as reliable." Crown Equipment, however, did not confirm the speculation and thus the claims remain unverified.
Impact on Crown Equipment's Employees
Initially, Crown told employees they would need to file for unemployment or use their paid time off (PTO) and vacation days to receive pay for missed days. Last weekend, this directive was updated and the employees were asked to file for unemployment, after which several took to Reddit to vent their discontent."The fact that their not paying people for their mistake is straight bu****it. Crown pretends to be a family company but as soon as they need to support their "family" they shaft them. People need this money to live, while the owner can just sit back and chill with his multi-millions in the bank. Crown needs to take the hit and do the right thing." - Reddit UserAnother said: [caption id="attachment_78309" align="aligncenter" width="1024"]
![Crown Equipment](../themes/icons/grey.gif)