A unit of tech giant Toshiba was hacked by the DarkSide ransomware group.
Toshiba Tec Corp, which makes products such as bar code printers and is valued at €1.9 billion, was hacked by DarkSide - the group widely believed to be behind the recent Colonial Pipeline attack, its French subsidiary said.
It added, however, that only a minimal amount of work data had been lost.
"There are around 30 groups within DarkSide that are attempting to hack companies all the time, and they succeeded this time with Toshiba," said Takashi Yoshikawa, a senior malware analyst at Mitsui Bussan Secure Directions.
Employees accessing company computer systems from home during pandemic lockdowns have made firms more vulnerable to cyberattacks, he added.
Screenshots of DarkSide's post provided by the cybersecurity firm said more than 740 gigabytes of information was compromised and included passports and other personal information.
Security researchers said DarkSide's multiple websites had stopped being accessible.
Ransomware attacks have increased in number and amount of demands, with hackers encrypting data and seeking payment in cryptocurrency to unlock it. They increasingly release stolen data as well, or threaten to unless they are paid more.
In Ireland, the HSE has down its IT systems on Friday morning after what it described as a "significant" ransomware attack.
Investigators in the US's Colonial case say the attack software was distributed by DarkSide, which includes Russian speakers and avoids hacking targets in the former Soviet Union. DarkSide lets "affiliates" hack into targets elsewhere, then handles the ransom negotiation and data release. - Reuters