A Canadian-based international manufacturer of die cast tools and car parts has been the victim of a cyber attack.
Exco Technologies said Monday that three production facilities within its Large Mould Group are recovering from a cyber incident last week.
The Toronto-headquartered company temporarily disabled some computer systems as it investigated this incident. It is in the middle of bringing these systems back online, and expects operations to be substantially restored over the next two weeks.
Shipments to customers have not and are not expected to be materially interrupted.
The statement didn’t detail the kind of attack, or whether personal or corporate data was accessed. It said independent experts have been retained to help the company in dealing with the matter.
Exco has two business segments:
— a casting and extrusion division with three business units that design, develop and manufacture tooling and related products for the aluminum die-cast and extrusion industries. It says the group is the world’s largest independent provider of tooling for these markets, operating a total of 16 tooling plants in nine countries;
— an automotive solutions group with four distinct businesses that design, develop and manufacture automotive interior trim components and assemblies for the North American and European markets. This group has operations in Canada, Mexico, and Morocco.
According to its latest financial report, the company had a profit of just under $19 million on sales of $498.9 million for the 12-month period ending Sept. 30, 2022.
“Although fuller details are yet to be disclosed about the attack on three of Exco Corp’s production facilities, current indicators point to this not being ransomware related,” said Dave Masson, director of enterprise security for Darktrace Canada. “Unfortunately, in situations like this, companies sometimes need to disable or shut down their OT systems (manufacturing/production systems) as a precaution, causing delays in their overall business process (similar to what we saw with Colonial Pipeline) which can be more disruptive than the initial attack itself.”