Casio says ransomware attack disrupted services, compromised customer data

Japanese technology giant Casio said that it suffered a ransomware attack earlier this month that compromised the sensitive personal and confidential data of employees, job candidates, and customers.

 

Earlier this month, Casio said in a press release that on October 5, an unauthorised third party breached its internal network, prompting it to immediately launch an investigation, with external cyber security experts, to determine the nature and scope of the incident.

 

“After conducting an internal investigation, it was determined that the unauthorised access had caused a system failure, resulting in the inability to provide some services,” Casio said.

 

“We are currently investigating the details, and an external specialist agency is also investigating to confirm whether any personal information or other important information has been leaked.

 

After becoming aware of the unauthorised access, we promptly reported it to the relevant authorities and have implemented measures such as restricting access from outside,” it added.

 

Recently, the Underground ransomware group claimed responsibility for the cyber attack on Casio and listed it as a victim on its data leak site. The hacker group claimed to be in possession of confidential data, including legal documents, personal data of employees, employee payroll information, patents information, company financial documents, and more.

 

Acknowledging the ransomware group’s claim, Casio said in another press statement that it did suffer a ransomware attack earlier this month that caused the service disruption.

 

While the investigation is still ongoing, Casio has determined that the sensitive personal information of its staff and customers were accessed and stolen by the hacker group. 

 

The compromised data included personal data of both permanent and temporary & contract employees of Casio and its affiliated companies, personal details related to business partners of Casio, personal information of job applicants, personal data of customers who used services provided by Casio and its affiliated companies, and more.

 

Casio has promised to share more information about the incident as and when available and notify impacted individuals whose data was compromised as a result of the ransomware attack.