{
	"id": "04ce60da-717d-40f1-90b1-39f019e4ee42",
	"created_at": "2026-04-06T00:19:11.523119Z",
	"updated_at": "2026-04-10T03:29:39.96717Z",
	"deleted_at": null,
	"sha1_hash": "d45ffe60fb8be2f8439263c8f00e5b8478914438",
	"title": "Alphv group claims the hack of Clarion, a global manufacturer of audio and video equipment for cars",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 43973,
	"plain_text": "Alphv group claims the hack of Clarion, a global manufacturer of\r\naudio and video equipment for cars\r\nBy Pierluigi Paganini\r\nPublished: 2023-09-24 · Archived: 2026-04-05 12:58:27 UTC\r\n Pierluigi Paganini September 24, 2023\r\nThe Alphv ransomware group claims to have hacked Clarion, the global\r\nmanufacturer of audio and video equipment for cars and other vehicles.\r\nThe Alphv ransomware group added Clarion, the global manufacturer of audio and video equipment for cars and\r\nother vehicles, to the list of victims on its Tor leak site.\r\nClarion Japan is the Japanese subsidiary of Clarion Co., Ltd., a global manufacturer of audio and video equipment\r\nfor cars and other vehicles. The company develops, manufactures, and sells a wide range of products, including\r\ncar navigation systems, audio systems, video systems, and rearview cameras. Clarion Japan also provides a variety\r\nof services, such as car maintenance and repair, and software updates.\r\nClarion’s car navigation systems are used by many car makers in Japan, the products of the company are used by\r\nmillions of Japanese motorists.\r\nThe company has more than 10,000 employees, it also provides its components to other automakers, including\r\nSuzuki, Toyota, Subaru, Ford, Volkswagen, Proton, and Peugeot.\r\nOn September 23, the group announced the hack of the company and the theft of sensitive data, including\r\npartners’ documents.\r\n“Clarion was hacked and leaked confidential data about their business and their partners. This included leaking the\r\nengineering information of the company’s customers. In 2 days, the data will be transferred to interested parties\r\nand partially posted in the public domain. Clarion is a company that will never protect your data, trusting it with\r\nany developments you risk losing your data and reputation.” reads the message published by the Alphvm on the\r\nleak site.\r\nhttps://securityaffairs.com/151299/data-breach/alphv-ransomware-hacked-clarion.html\r\nPage 1 of 2\n\nThe group also claims to have stolen customers’ data and threatens to sell the data to “interested parties” by\r\nSeptember 25, 2023. If the data breach is confirmed, this attack could have a significant impact also on other\r\nplayers in the automotive industry.\r\nThe group published some screenshots of the stolen documents as proof of the hack.\r\nBlackCat/ALPHV ransomware gang has been active since November 2021, the list of its victims is long and\r\nincludes industrial explosives manufacturer SOLAR INDUSTRIES INDIA, the US defense contractor NJVC, gas\r\npipeline Creos Luxembourg S.A., the fashion giant Moncler, the Swissport, NCR, and Western Digital.\r\nThe ransom demands of the group range from a few tens of thousands of dollars up to tens of millions of dollars.\r\nFollow me on Twitter: @securityaffairs and Facebook and Mastodon\r\nPierluigi Paganini\r\n(SecurityAffairs – hacking, Alphv)\r\nSource: https://securityaffairs.com/151299/data-breach/alphv-ransomware-hacked-clarion.html\r\nhttps://securityaffairs.com/151299/data-breach/alphv-ransomware-hacked-clarion.html\r\nPage 2 of 2",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://securityaffairs.com/151299/data-breach/alphv-ransomware-hacked-clarion.html"
	],
	"report_names": [
		"alphv-ransomware-hacked-clarion.html"
	],
	"threat_actors": [
		{
			"id": "6e23ce43-e1ab-46e3-9f80-76fccf77682b",
			"created_at": "2022-10-25T16:07:23.303713Z",
			"updated_at": "2026-04-10T02:00:04.530417Z",
			"deleted_at": null,
			"main_name": "ALPHV",
			"aliases": [
				"ALPHV",
				"ALPHVM",
				"Ambitious Scorpius",
				"BlackCat Gang",
				"UNC4466"
			],
			"source_name": "ETDA:ALPHV",
			"tools": [
				"ALPHV",
				"ALPHVM",
				"BlackCat",
				"GO Simple Tunnel",
				"GOST",
				"Impacket",
				"LaZagne",
				"MEGAsync",
				"Mimikatz",
				"Munchkin",
				"Noberus",
				"PsExec",
				"Remcom",
				"RemoteCommandExecution",
				"WebBrowserPassView"
			],
			"source_id": "ETDA",
			"reports": null
		}
	],
	"ts_created_at": 1775434751,
	"ts_updated_at": 1775791779,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/d45ffe60fb8be2f8439263c8f00e5b8478914438.pdf",
		"text": "https://archive.orkl.eu/d45ffe60fb8be2f8439263c8f00e5b8478914438.txt",
		"img": "https://archive.orkl.eu/d45ffe60fb8be2f8439263c8f00e5b8478914438.jpg"
	}
}