Canon says July ransomware attack compromised employees’ personal data

Canon suffers Maze ransomware attack

Japanese camera giant Canon has confirmed that a ransomware attack that targeted its network in July this year resulted in the compromise of file servers that stored the personal information of present and former employees from 2005 to 2020 and their beneficiaries and dependents.

In August, Canon USA announced that it temporarily suspended both the mobile application and web browser service of image.canon after discovering that a portion of users' still image and video image data stored in the cloud photo platform was lost.

The loss of users' still image and video image data stored in a 10GB long-term storage database was discovered on 30th July. Even though the image.canon service was restored on 4th August, Canon said that users will not be able to download or transfer still image thumbnails in the 10GB long-term storage.

According to Bleeping Computer, while dealing with the outage, Canon also suffered a major ransomware attack carried out by hackers behind the Maze ransomware who successfully exfiltrated up to 10 terabytes of data stored in Canon's private databases.

A message sent by Canon's IT service centre to the company's employees revealed that the company was experiencing "widespread system issues" affecting multiple applications, Teams, Email, and other internal systems. The cause of the system issues, however, was not revealed by the company.

In a data security incident notification posted on its website last week, Canon said the ransomware attack, which took place between 20th July and 4th August, resulted in hackers accessing file servers that contained information about current and former employees from 2005 to 2020 and their beneficiaries and dependents.

"We identified a security incident involving ransomware on August 4, 2020. We immediately began to investigate, a cybersecurity firm was engaged, and measures were taken to address the incident and restore operations. We notified law enforcement and worked to support the investigation. We also implemented additional security measures to further enhance the security of our network.

"We determined that there was unauthorized activity on our network between July 20, 2020 and August 6, 2020. During that time, there was an unauthorized access to files on our file servers. We completed a careful review of the file servers on November 2, 2020 and determined that there were files that contained information about current and former employees from 2005 to 2020 and their beneficiaries and dependents.

"The information in the files included the individuals' names and one or more of the following data elements: Social Security number, driver's license number or government-issued identification number, financial account number provided to Canon for direct deposit, electronic signature, and date of birth," the company said.

Stating that it regrets that the incident was allowed to occur, Canon said it has arranged for affected present and former employees and their beneficiaries and dependents to receive a complimentary membership to Experian's® IdentityWorks credit monitoring service that helps detect possible misuse of an individual's information and provides the individual with identity protection services.

Copyright Lyonsdown Limited 2021
