Ransomware attack hits LG battery subsidiary

News
By published

Akira claims breach at LG Energy Solution

Ransomware
  • LG Energy Solution suffered ransomware at one overseas facility, now restored and under investigation
  • Akira claims theft of 1.7TB data, including employee records and corporate documents
  • If true, stolen data could fuel phishing or be sold for significant profit

LG Energy Solution, a South Korean battery company and a subsidiary of LG, has confirmed it recently suffered a ransomware attack.

In a statement shared with The Record, a company spokesperson said the attackers targeted one specific facility, and that the attack was already mitigated.

“The attack targeted a specific overseas facility, and we have confirmed that the headquarters and other facilities were not affected,” the spokesperson said. “The impacted facility is now operating normally after the recovery measures were taken, and we are conducting security operations and investigations as a precautionary measure.”

Akira takes the blame

The company has facilities on multiple continents, including eight in North America.

LG Energy Solution is a South Korean company specializing in the design and manufacture of advanced lithium-ion batteries for electric vehicles (EVs), energy storage systems (ESS), and consumer electronics. In 2024, it earned more than $17 billion, the publication added. No further comments were shared regarding the attack.

At the same time, infamous threat actors going by Akira added LG Energy Solution to their data leak website, saying they stole roughly 1.7 terabytes of data.

“We will upload almost 1.67TB of corporate documents and 46gb of SQL databases soon,” the listing apparently said. “Lots of employee personal information (visas,

US and Korean passports, medical documents, Korean ID cards, addresses, phones, emails and so on), confidential projects, NDAs, confidentiality agreements, detailed financials, information about clients and partners, lots of contracts, etc.”

Since LG Energy Solution is currently investigating the attack, it is not yet possible to confirm, or deny, these claims. However, if they are true, then Akira has plenty of information that is worth a lot of money on the black market. In theory, it could sell it for hundreds of thousands of dollars, possibly even millions. Alternatively, if the database contains email addresses, they could be used to launch devastating phishing attacks, as well.

Via The Record

Best antivirus software header
The best antivirus for all budgets

➡️ Read our full guide to the best antivirus
1. Best overall:
Bitdefender Total Security
2. Best for families:
Norton 360 with LifeLock
3. Best for mobile:
McAfee Mobile Security

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.