Gentex Corporation, a technology and manufacturing company based in Michigan, has confirmed that it experienced a data breach as a result of an attack by the Dunghill ransomware gang. The breach, which occurred several months ago, was not previously disclosed by Gentex.
An email from a Dunghill operator to TechTarget Editorial claimed responsibility for breaching Gentex and provided a link to a Tor site allegedly containing 5 TB of sensitive corporate data, including emails, client documents, and personal information of 10,000 Gentex employees.
While TechTarget did not verify the data’s authenticity, Gentex confirmed the breach and stated that it had communicated with all affected parties. The exact timeline of the breach remains unclear, as Gentex has not yet provided further details.
Dunghill, identifying themselves as a group of computer specialists, revealed that they made the stolen data publicly available on the dark web and claimed to have shared it with manufacturers from China, India, and the U.S. due to Gentex’s alleged refusal to cooperate.
The stolen data encompassed various sensitive materials, ranging from financial reports and nondisclosure agreements to client contracts and human resources information. Gentex has yet to respond to inquiries about the breach’s impact and the methods used by the attackers.
Ransomware groups like Dunghill have intensified their tactics by pressuring organizations to pay through contacting competitors, media members, and even victims’ family members. Additionally, these groups are now leaking highly sensitive multimedia files extracted during attacks, further escalating the stakes of cyber extortion.
