Bridgestone Confirms Cyberattack Disrupting North American Plants

Bridgestone confirms a cyberattack that disrupted manufacturing plants. This article details the impact on employees, expert analysis, and a look at the suspected hacking group, Scattered Lapsus$ Hunters.

Tire manufacturing giant Bridgestone, the world’s largest by production volume, has confirmed it is investigating a cyberattack that has impacted some of its manufacturing facilities across North America.

The company, which operates in over 150 countries with 50 production plants and 55,000 employees, stated that it believes the incident was limited and has been contained.

Reports of the incident first surfaced on Tuesday, September 2, 2025, concerning two production facilities in Aiken County, South Carolina. The very next day, similar disruptions were reported at a manufacturing plant in Joliette, Quebec.

While the Joliette mayor, Pierre-Luc Bellerose, believes all North American plants were affected, the company has characterised the event as a “limited cyber incident.” At the affected plants, employees whose normal duties were stopped were reportedly given a choice: stay on-site to perform preventive maintenance for a full day’s pay or go home without pay.

Bridgestone Americas (BSA), the company’s arm in this region, released a statement saying that its team responded quickly to the issue. As a result, the company believes it was able to contain the incident in its early stages. Bridgestone does not think any customer data or interfaces were compromised and says business is now operating as usual.

“We have launched a comprehensive forensic analysis and believe we contained the incident early,” the company’s statement reads.

****The Suspected Attackers****

The exact nature of the attack is currently unknown, and no threat group has taken formal responsibility. However, it’s worth noting that a group called Scattered Lapsus$ Hunters has been particularly active in recent weeks, claiming responsibility for attacks on other major companies like Jaguar Land Rover and Salesforce.

This group is said to be a merger of three prominent hacking groups: Scattered Spider, Lapsus$, and ShinyHunters. This same group recently made headlines for threatening Google’s CEO, demanding that two security experts be fired or they would leak stolen data.

These groups are known for stealing sensitive data and then trying to extort their victims for money. While their claims about the Bridgestone incident remain unconfirmed, the possibility highlights a broader pattern of high-profile attacks by this group.

This incident marks the second time in recent years that Bridgestone has faced a significant cyberattack, following a LockBit ransomware attack in 2022 (PDF) that also disrupted production. While the company has not confirmed if this latest attack is ransomware, its focus on containing the incident and mitigating potential supply chain fallout shows the seriousness of the situation.

****Expert Perspective****

In comments shared with Hackread.com, Erich Kron, Security Awareness Advocate at KnowBe4, explained the critical challenge for manufacturers. Even a minor attack can require a shutdown of production lines, which is a complex process. He stressed the need for a solid business continuity plan and a human risk management program to combat social engineering attacks like phishing, which are often the entry point for malware.