Casio says October ransomware compromised the data of about 6,500 individuals

Japanese technology giant Casio said that the ransomware attack it suffered in October compromised the sensitive personal information of approximately 6,500 individuals.

 

Last year, Casio said that on October 5, an unauthorised third party breached its internal network, prompting it to immediately launch an investigation, with help from external cyber security experts, to determine the nature and scope of the incident.

 

 

“After conducting an internal investigation, it was determined that the unauthorised access had caused a system failure, resulting in the inability to provide some services,” Casio said.

 

The Underground ransomware group claimed responsibility for the cyber attack on Casio and listed it as a victim on its data leak site. The hacker group claimed to be in possession of confidential data, including legal documents, personal data of employees, employee payroll information, patents information, company financial documents, and more.

 

Acknowledging the ransomware group’s claims, Casio said in a press statement that it did suffer a ransomware attack that caused the service disruption.

 

In a recent statement, Casio said that its investigation determined that the sensitive personal information of its employees, business partners and customers were compromised during the incident.

 

“Casio confirmed that a part of the data of internal documents containing personal information was stolen and leaked as a result of the ransomware attack.

 

“As a result of the investigation, it was confirmed that some of the data stored for internal business use, such as internal documents, had been leaked, mainly from servers that had been attacked by ransomware,” the company said.

 

“It has been confirmed that the leaked internal documents contain personal information about our employees and also information about some of the business partners and customers.”

 

Casio’s investigation revealed that the ransomware attack compromised customers’ sensitive personal information, as well as names, email addresses, gender, dates of birth, and taxpayer IDs of around 6,500 employees in Japan and other countries.

 

The ransomware incident also compromised the data of 1,900 business partners of Casio, including their names, representative, email addresses, phone numbers, company names and contact details and ID cards.

 

Casio has, however, added that it has “no evidence of data theft was found in the customer database or in the system that handles customers’ personal information.”