ransomexx attacks Bombardier Recreational Products (BRP)

Incident Date:

October 1, 2022

World map



ransomexx attacks Bombardier Recreational Products (BRP)


Bombardier Recreational Products (BRP)




Sturtevant, USA

Wisconsin, USA

First Reported

October 1, 2022

Bombardier Recreational Products (BRP) Suffers Ransomware Attack

Bombardier Recreational Products (BRP), a global leader in the world of powersports vehicles and propulsion systems, has been targeted by the ransomware group Ransomxx. The attack was announced on the group's dark web leak site, and the victim's website is https://www.brp.com/.

BRP is a company built on passion, trust, and ingenuity, with a commitment to actively create a brighter future for its employees, communities, customers, and stakeholders. The company operates in the Manufacturing sector and is known for its iconic brands such as Ski-Doo and Lynx snowmobiles, Sea-Doo watercraft and pontoons, Can-Am vehicles, Alumacraft and Quintrex boats, Manitou pontoons, and Rotax marine propulsion systems and engines for karts and recreational aircraft.

The size of BRP is significant, with a global presence and a focus on offering an enhanced retail experience through the implementation of a retail environment strategy. The company's phenomenal growth worldwide means that it offers numerous opportunities for career advancement, learning, and growth, and it is committed to showcasing its internationally recognized premium brands and best-in-class product lines that cover each season of the year.

Analysis of the Attack

The vulnerabilities that made BRP a target for ransomware attacks are not explicitly mentioned. However, it is known that ransomware attacks often exploit weaknesses in software, phishing tactics, or third-party vulnerabilities. In the case of BRP, it is possible that the attackers found a weakness in the company's systems or used phishing tactics to gain access.

The ransomware attack on BRP is part of a broader trend of ransomware attacks on organizations worldwide. In 2022, 71% of organizations experienced at least one ransomware attack, with an average total cost of $4.3 million. The attack on BRP underscores the need for companies to implement robust cybersecurity measures to protect against such threats.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.