362/69 Friday, July 3, 2026

Kubota North America Corporation, the North American business of Japan-based industrial manufacturer Kubota Corporation, has disclosed a cybersecurity incident after finding that threat actors had access to certain parts of the company’s network for more than one month, between March 16 and April 20, 2026. The investigation found that the attackers accessed files containing personal information of employees and their dependents. Kubota is well known for agricultural and construction machinery, operates in more than 120 countries, has more than 52,000 employees, and generates approximately USD 20 billion in annual revenue. Its North American business manufactures tractors, lawn mowers, and utility vehicles.
According to a notice published on the Kubota USA website, the information that may have been exposed varies by individual but may include full names, Social Security numbers, dates of birth, taxpayer identification numbers, driver’s license numbers or state-issued identification numbers, bank account information used for direct deposit payroll, corporate payment card information, benefits enrollment information, and certain claims-related information. Some categories of information may also include data belonging to dependents. The company began sending individual notification letters by email on June 30 to inform affected individuals what information of theirs may have been impacted.
Kubota stated that it has implemented additional security measures to help prevent similar incidents in the future. The company is also providing identity protection services through Kroll to help reduce the risk associated with the exposure of sensitive information. Kubota advised affected individuals to review their bank account statements, healthcare-related documents, and report any suspicious activity to the relevant authorities immediately. At the time of reporting, no ransomware or data extortion group had claimed responsibility for the incident, and Kubota did not state whether its operations or business had been affected.
