Cyber Incident Victim: Bridgestone Americas
Date:
Feb 2022
Location:
United States of America
Summary
A major cyberattack targeted Bridgestone Americas, prompting the company to disconnect manufacturing and retreading facilities across North and Latin America to contain the threat. The incident caused widespread operational disruptions, including prolonged plant closures and worker displacement, as facilities remained offline for multiple days. While the company initiated a comprehensive investigation, it could not immediately determine the scope or nature of the security compromise. The disruptions impacted numerous production sites and affected thousands of employees, with unions confirming extended work stoppages across several states and countries. Operations remained partially suspended as the organization worked to secure its systems and restore normal activity.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 2 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
The cyber incident affecting Bridgestone Americas began in the early morning hours of February 27, 2022, when the company detected a potential information security breach. Bridgestone immediately launched a comprehensive investigation to assess the situation and secure its IT systems. As a precautionary containment measure, the company disconnected numerous manufacturing and retreading facilities across Latin America and North America from its network to prevent potential spread of the incident. This proactive isolation strategy resulted in immediate operational disruptions, forcing Bridgestone to halt first-shift operations at affected plants on Sunday and send employees home. The Warren TBR Plant in the United States was among the first confirmed facilities impacted, with subsequent reports indicating widespread outages affecting production sites in Iowa, Illinois, North Carolina, South Carolina, Tennessee, and Canada.
By March 1, three days after the initial disruption, Bridgestone's manufacturing operations remained significantly impaired. The United Steelworkers Union Local 1155L communicated via Facebook that hourly workers scheduled for March 1 day shifts at the Warren plant were not required to report, implementing a "no work, no pay" policy while offering vacation time as an alternative. Bridgestone extended these closures through at least March 2, confirming hourly workers would not be needed for Wednesday shifts. The company maintained public uncertainty regarding the attack's scope and nature, reiterating in multiple statements that investigators had not yet determined definitive details about the incident's origins or full impact. With over 50 production facilities and approximately 55,000 employees across Canada, Central America, Latin America, and the Caribbean affected by the network disconnections, the disruption represented one of the most significant cyber-induced manufacturing outages in the automotive supply sector. Bridgestone's parent corporation, the world's largest tire manufacturer, faced prolonged operational challenges as recovery efforts continued without public clarification about whether customer data or corporate systems beyond production networks were compromised.