# Home appliance giant Whirlpool hit in Nefilim ransomware attack **[bleepingcomputer.com/news/security/home-appliance-giant-whirlpool-hit-in-nefilim-ransomware-attack/](https://www.bleepingcomputer.com/news/security/home-appliance-giant-whirlpool-hit-in-nefilim-ransomware-attack/)** Lawrence Abrams By [Lawrence Abrams](https://www.bleepingcomputer.com/author/lawrence-abrams/) December 28, 2020 12:12 PM 3 Home appliances giant Whirlpool suffered a ransomware attack by the Nefilim ransomware gang who stole data before encrypting devices. Whirlpool is one of the world's largest home application makers with appliances under its name and KitchenAid, Maytag, Brastemp, Consul, Hotpoint, Indesit, and Bauknecht. Whirlpool employs 77,000 people at 59 manufacturing & technology research centers worldwide and generated approximately $20 billion in revenue for 2019. Over the weekend, the Nefilim ransomware gang published files stolen from Whirlpool during a ransomware attack. The leaked data included documents related to employee benefits, accommodation requests, medical information requests, background checks, and more. ----- **Whirlpool data leak on Nefilim site** A source in the cybersecurity industry has told BleepingComputer that the Nefilim ransomware gang attacked Whirlpool in the first weekend of December. **Nefilim ransom note** ----- If you have first-hand information about this or other unreported cyberattacks, you can [confidentially contact us on Signal at +16469613731 or on Wire at @lawrenceabrams-bc.](http://10.10.0.46/tel:+16469613731) In a statement to BleepingComputer, Whirlpool confirmed the attack and that their systems have been fully restored from the attack. "We live in a time when Illegal cyber crimes are all too prevalent across every industry. Data privacy is a top priority at Whirlpool Corporation and we invest in the technology and processes to help protect our people, our data and our operations." "Last month Whirlpool Corporation discovered ransomware in our environment. The malware was detected and contained quickly. We are unaware of any consumer information that was exposed. There is no operational impact at this time," Whirlpool Corporation told BleepingComputer in an email. Nefilim is not a particularly active ransomware operation but is known for attacks on other large and well-known victims in the past. [Other victims attacked by Nefilim include Orange S.A.,](https://www.bleepingcomputer.com/news/security/orange-confirms-ransomware-attack-exposing-business-customers-data/) [Dussman Group,](https://www.bleepingcomputer.com/news/security/business-giant-dussmann-groups-data-leaked-after-ransomware-attack/) [Luxottica, and](https://www.bleepingcomputer.com/news/security/ray-ban-owner-luxottica-confirms-ransomware-attack-work-disrupted/) Toll Group. _Updae 12/28/20: Whirlpool's systems are fully restored, not slowly recovering as initially_ stated. ## Related Articles: [Industrial Spy data extortion market gets into the ransomware game](https://www.bleepingcomputer.com/news/security/industrial-spy-data-extortion-market-gets-into-the-ransomware-game/) [Costa Rica declares national emergency after Conti ransomware attacks](https://www.bleepingcomputer.com/news/security/costa-rica-declares-national-emergency-after-conti-ransomware-attacks/) [Quantum ransomware seen deployed in rapid network attacks](https://www.bleepingcomputer.com/news/security/quantum-ransomware-seen-deployed-in-rapid-network-attacks/) [New Black Basta ransomware springs into action with a dozen breaches](https://www.bleepingcomputer.com/news/security/new-black-basta-ransomware-springs-into-action-with-a-dozen-breaches/) [American Dental Association hit by new Black Basta ransomware](https://www.bleepingcomputer.com/news/security/american-dental-association-hit-by-new-black-basta-ransomware/) [Cyberattack](https://www.bleepingcomputer.com/tag/cyberattack/) [Data Exfiltration](https://www.bleepingcomputer.com/tag/data-exfiltration/) [Data Leak](https://www.bleepingcomputer.com/tag/data-leak/) [Nefilim](https://www.bleepingcomputer.com/tag/nefilim/) [Ransomware](https://www.bleepingcomputer.com/tag/ransomware/) [Whirlpool](https://www.bleepingcomputer.com/tag/whirlpool/) [Lawrence Abrams](https://www.bleepingcomputer.com/author/lawrence-abrams/) Lawrence Abrams is the owner and Editor in Chief of BleepingComputer.com. Lawrence's area of expertise includes Windows, malware removal, and computer forensics. Lawrence ----- Abrams is a co-author of the Winternals Defragmentation, Recovery, and Administration Field Guide and the technical editor for Rootkits for Dummies. [Previous Article](https://www.bleepingcomputer.com/news/security/uk-nca-visits-weleakinfo-users-to-warn-of-using-stolen-data/) [Next Article](https://www.bleepingcomputer.com/news/security/cisa-releases-azure-microsoft-365-malicious-activity-detection-tool/) ## Comments [magic-luigi - 1 year ago](https://www.bleepingcomputer.com/forums/u/1157392/magic-luigi/) Why do you publish shaming site Lawrence? [Lawrence Abrams - 1 year ago](https://www.bleepingcomputer.com/author/lawrence-abrams/) Not intentional. Fixed ----- [Some-Other-Guy - 1 year ago](https://www.bleepingcomputer.com/forums/u/1150694/some-other-guy/) Wash, rinse, repeat Post a Comment [Community Rules](https://www.bleepingcomputer.com/posting-guidelines/) You need to login in order to post a comment [Not a member yet? Register Now](https://www.bleepingcomputer.com/forums/index.php?app=core&module=global§ion=register) ## You may also like: -----