{ "id": "7b79fdc3-7d27-414a-aca2-8ab89db2f0fd", "created_at": "2026-04-06T00:09:14.596883Z", "updated_at": "2026-04-10T03:20:43.784436Z", "deleted_at": null, "sha1_hash": "864393e380be3ec4ebc22815128d42dcf0550a40", "title": "Leading U.S. laser developer IPG Photonics hit with ransomware", "llm_title": "", "authors": "", "file_creation_date": "0001-01-01T00:00:00Z", "file_modification_date": "0001-01-01T00:00:00Z", "file_size": 2108540, "plain_text": "Leading U.S. laser developer IPG Photonics hit with ransomware\r\nBy Lawrence Abrams\r\nPublished: 2020-09-18 · Archived: 2026-04-05 16:52:18 UTC\r\nIPG Photonics, a leading U.S. developer of fiber lasers for cutting, welding, medical use, and laser weaponry has suffered a\r\nransomware attack that is disrupting their operations.\r\nBased out of Oxford, Massachusets, IPG Photonics has locations worldwide where they employ over 4,000 people and have\r\na $1.3 billion revenue in 2019.\r\nThe company's lasers were used as part of the U.S. Navy's Laser Weapon System (LaWS) that was installed on the\r\nUSS Ponce. This system is an experimental defensive weapon against small threats and vehicles.\r\nhttps://www.bleepingcomputer.com/news/security/leading-us-laser-developer-ipg-photonics-hit-with-ransomware/\r\nPage 1 of 4\n\n0:00\r\nhttps://www.bleepingcomputer.com/news/security/leading-us-laser-developer-ipg-photonics-hit-with-ransomware/\r\nPage 2 of 4\n\nVisit Advertiser websiteGO TO PAGE\r\nIPG Photonics disrupted by a ransomware attack\r\nOn Monday, BleepingComputer was contacted by a source with knowledge of the attack who told us that a ransomware\r\nattack had disrupted its operations.\r\nDue to the attack, IPG Photonics IT systems are shutdown worldwide, affecting email, phones, and network connectivity in\r\nthe offices.\r\nWith these systems down, BleepingComputer is also being told that manufacturing parts and shipping have become\r\nunavailable.\r\nIf you have first-hand information about this or other unreported cyberattacks, you can confidentially contact us on Signal\r\nat +16469613731.\r\nA partial ransom note seen by BleepingComputer also indicates that the RansomExx ransomware operation conducted the\r\nattack.\r\nRansomExx is a rebranded version of the Defray777 ransomware and has seen increased activity since June when they\r\nattacked the Texas Department of Transportation (TxDOT) and Konica Minolta in August.\r\nLike other RansomExx ransom notes, the attackers tell the victim not to contact law enforcement as ransom payments could\r\nbe blocked.\r\nThis same message is shown in the ransom note left behind during the Konica Minolta Ransomware attack.\r\nKonica Minolta ransom note\r\nThe ransom note also claims that the attackers have stolen data from \"TFS repositories and something else.\"\r\nRansom EXX does not have a ransomware data leak site, and we are not aware of them releasing victim's stolen data in the\r\npast.\r\nBleepingComputer has emailed and called IPG Photonics repeatedly for comment but has not received replies as of yet.\r\nhttps://www.bleepingcomputer.com/news/security/leading-us-laser-developer-ipg-photonics-hit-with-ransomware/\r\nPage 3 of 4\n\nAutomated Pentesting Covers Only 1 of 6 Surfaces.\r\nAutomated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the\r\nother.\r\nThis whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic\r\nquestions for any tool evaluation.\r\nSource: https://www.bleepingcomputer.com/news/security/leading-us-laser-developer-ipg-photonics-hit-with-ransomware/\r\nhttps://www.bleepingcomputer.com/news/security/leading-us-laser-developer-ipg-photonics-hit-with-ransomware/\r\nPage 4 of 4", "extraction_quality": 1, "language": "EN", "sources": [ "ETDA" ], "references": [ "https://www.bleepingcomputer.com/news/security/leading-us-laser-developer-ipg-photonics-hit-with-ransomware/" ], "report_names": [ "leading-us-laser-developer-ipg-photonics-hit-with-ransomware" ], "threat_actors": [], "ts_created_at": 1775434154, "ts_updated_at": 1775791243, "ts_creation_date": 0, "ts_modification_date": 0, "files": { "pdf": "https://archive.orkl.eu/864393e380be3ec4ebc22815128d42dcf0550a40.pdf", "text": "https://archive.orkl.eu/864393e380be3ec4ebc22815128d42dcf0550a40.txt", "img": "https://archive.orkl.eu/864393e380be3ec4ebc22815128d42dcf0550a40.jpg" } }