conti attacks Sanoh America Inc.

Incident Date:

March 22, 2022

World map



conti attacks Sanoh America Inc.


Sanoh America Inc.




Mt Vernon, USA

Oklahoma, USA

First Reported

March 22, 2022

Ransomware Attack on Sanoh America Inc.

Sanoh America Inc., a prominent North American supplier known for its tubular products for automotive applications, recently fell victim to a ransomware attack orchestrated by the Conti group. Established in 1987, Sanoh America has expanded its operations by utilizing a comprehensive global network that encompasses engineering, technology, and production resources, aiming to address the challenges faced by its business partners.

The breach was disclosed through a publication on the Conti dark web leak site. Sanoh America's official website, which outlines their operational scope and dedication to enhancing product value, became a point of reference following the attack.

While specific details regarding the company's size and the attack's intricacies remain undisclosed, it is evident that the manufacturing sector, akin to Sanoh America, is increasingly becoming a hotspot for ransomware attacks. This trend is attributed to the sector's possession of sensitive data, paralleling the heightened attack susceptibility observed within the healthcare industry.

The exact vulnerabilities exploited in the attack on Sanoh America remain unspecified. Nonetheless, it is a well-documented fact that ransomware groups continuously refine their strategies through relentless probing and reconnaissance, aiming to amplify their attack efficacy. This adaptability often overwhelms organizational defenses, despite substantial investments in cybersecurity measures.

As the investigation unfolds, the restoration efforts concerning electronic medical records and other critical clinical systems are actively pursued by the affected entities. To date, Sanoh America Inc. has not issued an official statement detailing the attack's ramifications on its operational continuity.

The healthcare sector's vulnerability to cyber threats is underscored by the vast amounts of sensitive data it harbors, making it an attractive target for cybercriminals. The intensity and frequency of cyber attacks targeting this sector have shown a marked increase over recent years.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.