kelvinsecurity attacks CORT

Incident Date:

April 1, 2022

World map



kelvinsecurity attacks CORT






Gangseo-gu, Republic Of Korea

Seoul, Republic Of Korea

First Reported

April 1, 2022

Cort Guitars Suffers Ransomware Attack

Overview of the Incident

Cort Guitars, a prominent figure in the guitar manufacturing industry, recently fell victim to a ransomware attack orchestrated by the Kelvinsecurity group. The announcement of the attack was made on the group's dark web leak site. Cort Guitars, a subsidiary of Cor-Tek, is renowned for its production of high-quality guitars at competitive prices, catering to various brands such as Squier, PRS SE, Ibanez, and G&L Tribute.

Despite its reputation for quality, Cort Guitars has faced criticism over its manufacturing processes and labor practices, particularly concerning the treatment of workers at its Indonesia plant. This ransomware attack underscores the cybersecurity vulnerabilities inherent in the manufacturing sector, emphasizing the potential for significant financial losses, data breaches, and damage to a company's productivity and reputation.

Impact and Company Response

As of now, Cort Guitars has not issued a public statement regarding the ransomware attack. The status of their operations and the safety of customer data remain uncertain, although their website continues to function. This incident highlights the critical need for companies, especially those within the manufacturing sector, to prioritize cybersecurity. Implementing robust security measures and incident response plans is essential to mitigate the risks posed by ransomware attacks and other cyber threats.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.