Blackfield ransomware asks Nidec Corporation for $2 million ransom

The Blackfield ransomware gang is asking for a $2 million ransom from Nidec Corporation, a large Japanese manufacturer of electronic components for automotive and computing applications.

Nidec is a leader in producing motors of all sizes, from micro-precision ones used in phones and hard drives to heavy-duty motors for robotics,  elevators, and large HVAC systems.

The company also designs motors for electric vehicles, electric power steering systems, and advanced driver-assistance systems.

With annual revenue of $17.2 billion, 100,000 employees, and operations in over 40 countries through manufacturing facilities and subsidiaries, Nidec is a global leader in electric motor manufacturing.

In a statement last week, Nidec said that its Taiwanese subsidiary, Nidec Chaun Choung Technology, was compromised in a ransomware attack.

“On Monday, June 22, 2026, ransomware-originated damage was confirmed in part of Nidec Chaun Choung Technology’s server,” Nidec says.

“Thereafter, to prevent the spread of the damage, emergency measures, including shutting down the affected server and network, were taken.”

The company also disclosed a “possibility of information leak,” although no personal or confidential information has been confirmed to have been leaked online.

Regarding the impact on operations, Nidec stated that it is currently investigating how production, shipping, and other business operations might be impacted by the incident, but does not expect the fallout to extend to other Nidec Corporation or Nidec Group companies.

Blackfield ransomware has claimed the attack and gave Nidec more than 15 days to respond and engage in negotiations, under the threat of publishing or selling the stolen data.

To delete the allegedly stolen information, the threat actor is demanding a payment of $2 million. For $5,000, the actor is willing to extend by one day the deadline for leaking the data.

Blackfield's post also includes a link to download the data immediately for the price of $400,000.

Blackfield ransomware extortion portal
Source: BleepingComputer

The threat actor also leaked samples of data showing file structures and various documents to prove the data breach. However, BleepingComputer could not confirm the validity of the information.

In October 2024, Nidec Corporation announced that it suffered another data breach by ransomware actors, which targeted its Vietnam-based Nidec Precision division, exposing over 50,000 sensitive files.

That attack was claimed by both the 8Base and Everest gangs, which attempted to extort Nidec separately.