Bridgestone has confirmed that a cyberattack has disrupted operations at some of its manufacturing facilities. This article examines the implications for employees, includes expert insights, and highlights the suspected hacking group, Scattered Lapsus$ Hunters.
Bridgestone, the leading tire manufacturer globally by output, has launched an investigation into a cyberattack affecting several manufacturing sites across North America. The company operates over 150 countries, boasting 50 production plants and approximately 55,000 employees.
Emerging reports indicate that the incident, first noted on September 2, 2025, has primarily impacted two facilities in Aiken County, South Carolina. The following day, similar operational disruptions were reported at a manufacturing plant in Joliette, Quebec.
While Joliette’s mayor, Pierre-Luc Bellerose, has suggested that all North American plants experienced some degree of disruption, Bridgestone has described the incident as a “limited cyber event.” Employees at the affected locations were offered the option to remain on-site for preventive maintenance at a full day’s pay or return home without compensation.
Bridgestone Americas (BSA) reported a prompt response to the incident, which the company believes allowed them to contain the issue early on. BSA asserts that customer data and systems remained secure and that operations have returned to normal. The company’s public statement declared, “We have initiated a thorough forensic analysis and believe we contained the incident at an early stage.”
The Suspected Attackers
The specifics of the attack are still unclear, and no hacking group has formally claimed responsibility. However, the group known as Scattered Lapsus$ Hunters has emerged recently, having been implicated in previous attacks against major corporations such as Jaguar Land Rover and Salesforce.
Scattered Lapsus$ Hunters is a coalition of several well-known hacking entities, including Scattered Spider, Lapsus$, and ShinyHunters. Recently, this group made headlines by threatening the CEO of Google, demanding the termination of two security experts or facing data leaks.
This group typically engages in data theft followed by extortion efforts directed at their victims. Although the group has not confirmed its involvement in the Bridgestone incident, the situation underscores a worrying trend of high-profile cybersecurity breaches associated with their tactics.
This incident marks the second significant cyber disruption for Bridgestone in recent years, following a LockBit ransomware attack in 2022 that similarly impacted production. While Bridgestone has not specified whether this attack involved ransomware, their immediate focus on containment and mitigating potential supply chain disruptions indicates the seriousness of the matter.
Expert Perspective
Erich Kron, a Security Awareness Advocate at KnowBe4, provided insights regarding the inherent challenges manufacturers face in the wake of cyberattacks. He noted that even a minor incident can precipitate the shutdown of production lines, a complex undertaking. Kron emphasized the importance of a robust business continuity plan coupled with a human risk management strategy to combat social engineering attacks like phishing, often the entry points for malware.
