Blackfield ransomware hits Nidec's Taiwanese subsidiary, demands $2 million
Japanese motor and electronics giant Nidec confirmed a ransomware attack on its Taiwanese subsidiary Nidec Chaun Choung Technology, after which the Blackfield gang claimed the breach and demanded a $2 million ransom.
- Victim
- Nidec Corporation
On 22 June 2026, Nidec Corporation β the Kyoto-based Japanese manufacturer of electric motors and electronic components for automotive, computing and industrial applications β confirmed that its Taiwanese subsidiary, Nidec Chaun Choung Technology (Nidec CCI), had suffered a ransomware attack. The company said the incident caused damage to part of the subsidiary's server infrastructure.
A week later, on 29 June 2026, the Blackfield ransomware gang publicly claimed responsibility for the intrusion and listed Nidec on its extortion site. The group is demanding a $2 million ransom and has given the company a window of more than 15 days to negotiate, threatening to publish or sell the stolen data if it refuses.
What the attackers claim
Blackfield alleges it exfiltrated a large volume of corporate data β reported to be more than 2 TB β spanning employee records and financial, procurement, sales, manufacturing, IT, legal, compliance and project documentation. The group leaked file listings and sample documents in an attempt to prove the theft. Reporting outlets noted that they could not independently verify the authenticity or scope of the claimed data, and no confirmed leak of personal or confidential information had been reported at the time of disclosure.
Impact and response
Nidec confirmed operational damage to the affected subsidiary's servers but has not published a detailed accounting of what, if anything, was taken. The attack lands during a sensitive period for the company, which had separately sought an extension to the filing deadline for its annual securities report.
Why it matters
The incident is a reminder that subsidiaries and regional units are a favoured entry point for ransomware crews targeting large multinationals: a foothold in one Taiwanese operating company becomes leverage against the entire Nidec group. The double-extortion playbook on display β encrypting or disrupting servers while separately threatening to release exfiltrated business records β keeps pressure on the victim regardless of whether backups allow a technical recovery. For a manufacturer whose value rests heavily on proprietary designs and supply-chain data, the mere threat of leaking procurement, manufacturing and project documentation carries strategic risk well beyond the immediate ransom.
Financial impact
Reported costs in USD
Timeline
Nidec confirms ransomware-related damage to part of the server infrastructure of its Taiwanese subsidiary, Nidec Chaun Choung Technology.
The Blackfield ransomware group publicly claims the attack, demanding $2 million and threatening to publish or sell the allegedly stolen data.
Sources
- bleepingcomputer.comhttps://www.bleepingcomputer.com/news/security/blackfield-ransomware-asks-nidec-corporation-for-2-million-ransom/
- dexpose.iohttps://www.dexpose.io/blackfield-ransomware-strikes-nidec-chaun-choung-technology-corporation/