A division of Toshiba said in a statement on Friday that its European business has been hit by a cyberattack.
A Toshiba Tec spokesperson told CNBC that it was the victim of a ransomware attack the evening of May 4. They said the attack seems to have been carried out by cyber criminal group DarkSide, which is the same group that the U.S. FBI blamed for the Colonial Pipeline attack.
Ransomware is a type of malicious software that’s designed to block access to a computer system the victims pay the hackers a sum of money.
The Toshiba unit, which sells self-checkout technology and point-of-sale systems to retailers, told CNBC that it has not paid a ransom.
“They required money, but we didn’t contact them and didn’t pay any money,” a spokesperson said.
Toshiba Tec said that a “minimal” amount of work data was stolen in a ransomware attack. No leaks of the data have been detected so far and protective measures were put in place after the cyber-attack, the company said.
Elsewhere on Friday, Ireland’s health service shut down its computer systems after being hit with a ransomware attack.
The Irish Health Service Executive (HSE) said there was a “significant ransomware attack” on its IT systems, without commenting further on specifics.
“We have taken the precaution of shutting down all (of) our IT systems in order to protect them from this attack and to allow us (to) fully assess the situation with our own security partners,” the HSE said in a tweet Friday.
“We apologize for inconvenience caused to patients and to the public and will give further information as it becomes available,” it added.
The attack on Colonial Pipeline, which is the largest pipeline system for refined oil products in the U.S., forced it to shut down approximately 5,500 miles of pipeline, leading to a disruption of nearly half of the East Coast fuel supply and causing gasoline shortages in the Southeast.
Colonial Pipeline paid a ransom of nearly $5 million to Darkside. The ransom payment was first reported by Bloomberg on Thursday.
Earlier on Monday, the DarkSide group described its actions as “apolitical” in a statement provided to CNBC by Cybereason.
“We are apolitical, we do not participate in geopolitics, do not need to tie us with a defined government and look for our motives,” the group wrote.
“Our goal is to make money, and not creating problems for society. From today we introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future,” the statement added.