Update: July 1, 2024:
Crown returned to normal operations after the cyber attack. They first announced on June 19 that they were victims of a cyberattack from an international cybercriminal organization. John Tate, senior vice president at Crown, said in a statement that with established security measures and its IT staff acting quickly with the help of leading cybersecurity professionals across the globe, they were able to quickly respond to and contain the issue. Crown’s retail sales and service operations and office functions that had continued during its production pause have resumed normal operations, and Crown has expressed its gratitude to all its employees, customers, and suppliers for their assistance in resolving this matter.
Crown is cooperating with federal law enforcement as they investigate this incident further, and has committed to using lessons learned from this experience to improve its cybersecurity program with respect to incident prevention and mitigation efforts.
Key Points
- Crown Equipment Corporation, one of the world’s largest forklift manufacturers, is dealing with a suspected cyberattack and global I.T. outage.
- Production plants have closed down, and workers claim they have gone unpaid due to IT outages. While the company is keeping mum, employees are reporting on Twitter that it might be a ransomware attack.
- Official communications have been lacking, leading to speculation and criticism of how Crown has handled incidents.
- The incident underscores the need for preparation on the part of companies for cybersecurity and openness in communication when data is breached or networks are attacked.
The world’s leading provider of forklift trucks and industrial equipment, Crown Equipment Corporation, has reportedly become a victim of a cyberattack recently. This triggered global IT outages that closed production plants across the planet while leaving staff without access to crucial systems.
About Crown Equipment Corporation
Crown Equipment Corporation of New Bremen, Ohio United States is one of the five largest manufacturers of forklift trucks, industrial trucks, and high-rack conveyors in the world.
Crown operates regional headquarters in Australia, China, Germany, and Singapore, with its European headquarters located in Feldkirchen, a town near Munich. Crown also has a production site in Roding, Bavaria, Germany.
Global IT Systems Crash, Production Stopped
Crown’s facilities in Roding, Germany, ceased production on Monday, June 10, 2024, due to a reported IT outage.
The firm’s sites (crown. com) are down, and any attempts to visit either (now at crown. com has temporarily stopped working.” Moreover, the company seems to be having issues with its phone lines, complicating all efforts to contact them.
Suspicions of a Cyberattack and Ransomware Involvement
While Crown Equipment Corporation’s management remains tight-lipped about the situation, employee reports and online discussions suggest a potential cyberattack, possibly involving ransomware. Employees have taken to social media platforms like Twitter and Reddit to express their frustrations, claiming they have not been paid due to the IT issues
One Twitter user, allegedly a Crown employee, stated, “thanks for letting your servers be hacked and not paying your employees. It’s not like we have bills or anything. I thought I worked for a better company.” Another tweet from a purported employee read, “Hey Jon, I work for Crown Equipment, a billion-dollar company with 19,000 plus employees. We were hit with a cyberattack and are currently not working. Now they tell us no pay! This after bragging about being an employee-first company, have to love corporate America.”
A Reddit thread was started to discuss the hack:
Crown Lift Trucks experiencing phishing hack. Company told staff to stay home for "further updates" and told them to seek unemployment while systems are offline.
by inLinusTechTips
Lack of Official Communication and Speculation
Crown Equipment Corporation has yet to provide any official communications about the nature or extent of this incident, leading to much speculation and rumor-mongering in the cybersecurity communities and employees alike.
The company also advised employees not to remove any data from their tablets and placed additional security features, such as reducing multi-factor authentication timeout periods and limiting access to Office 365 apps — including email, Teams, SharePoint, and OneDrive — to company devices only according to reports.
Criticism of How the Incident Was Handled
The response of Crown Equipment Corporation to this incident has been criticized by cybersecurity experts and onlookers. Customers and employees have been left in the dark with little transparency, leading to rampant speculation about the possible data breach and its ramifications.
