Exco Technologies, a Canadian-based international manufacturer of die cast tools and car parts, has been the victim of a cyber attack. The company reported that three production facilities within its Large Mould Group are recovering from the incident, which occurred last month. They temporarily disabled some computer systems while they investigate the incident. They are in the process of bringing these systems back online and expect operations to be substantially restored over the next two weeks. There is no indication that shipments to customers have been or will be materially interrupted. The company did not provide any details about the type of attack or whether personal or corporate data was accessed. Independent experts have been retained to assist in dealing with the matter.
Exco Technologies is a Canadian-based international manufacturer of die cast tools and car parts. The company operates in two business segments:
A casting and extrusion division: It has three business units that design, develop and manufacture tooling and related products for the aluminum die-cast and extrusion industries. The group is the world’s largest independent provider of tooling for these markets, operating a total of 16 tooling plants in nine countries.
An automotive solutions group: It has four distinct businesses that design, develop and manufacture automotive interior trim components and assemblies for the North American and European markets. This group has operations in Canada, Mexico, and Morocco.
As per the latest financial report, the company had a profit of just under $19 million on sales of $498.9 million for the 12-month period ending Sept. 30, 2022.
“Although fuller details are yet to be disclosed about the attack on three of Exco Corp’s production facilities, current indicators point to this not being ransomware related,” said Dave Masson, director of enterprise security for Darktrace Canada. “Unfortunately, in situations like this, companies sometimes need to disable or shut down their OT systems (manufacturing/production systems) as a precaution, causing delays in their overall business process (similar to what we saw with Colonial Pipeline) which can be more disruptive than the initial attack itself.”