Royal Enfield ransomware attack

Royal Enfield, the renowned motorcycle manufacturer, is reportedly facing a significant cybersecurity breach. A hacker collective announced a “Complete Breach Notice” on an underground forum, claiming to have fully compromised the company’s systems. They stated that all servers have been encrypted and backups wiped, rendering critical data inaccessible.

Royal Enfield ransomware attackRoyal Enfield ransomware attack

The attackers demanded an undisclosed ransom within 12 hours, threatening to auction the stolen data to the highest bidder. They invited “private bids via qTox,” indicating a shift from direct ransom payment to a bidding war. The group also hinted at releasing “proof-of-access” samples to increase urgency.

Royal Enfield ransomware attackRoyal Enfield ransomware attack

Royal Enfield's headquarters in Chennai, India, has remained largely silent, with a spokesperson confirming an internal investigation and the activation of incident response protocols in collaboration with cybersecurity experts and law enforcement.

Ransomware attacks on the manufacturing and automotive sectors have surged, with a 45% increase reported in 2025. The integration of sophisticated software in modern motorcycles makes manufacturers attractive targets for hackers.