BlackSuit group claims major ransomware attack on Japan's Kadokawa Group

Ransomware01 Jul 2024

Japanese media conglomerate Kadokawa said it experienced a significant ransomware attack in June that affected several systems and services, including its e-commerce platform Ebten and video service Niconico.

In a data security incident notice posted on its website, Kadokawa said that on June 8, multiple servers of the KADOKAWA Group became inaccessible. The company immediately took the affected systems offline and launched an investigation to determine the nature and scope of the incident.

“The ongoing investigation has confirmed that the whole Niconico services, KADOKAWA’s official website, its e-commerce site “ebten”, and several other websites are affected. KADOKAWA is also investigating the possibility of information leaks,” reads the notice.

Since then, KADOKAWA provided several updates regarding the data security incident and how the company is responding to the same. In one such update, the company confirmed that the outage was a result of a “large-scale cyber attack, including ransomware.”

“After confirming the cyber attack, we immediately took emergency measures, such as shutting down the relevant servers, and set up a task force to fully investigate the damage, determine its cause, and restore the system,” the company said.

Kadokawa added that the ransomware attack mainly affected systems of its subsidiary company, Niconico, Japan’s most popular video-sharing service. Also, the payment system of the company was impacted that caused delay in payments to some of its business partners.

The BlackSuit ransomware group has claimed responsibility for the cyber attack on Kadokawa and listed the media giant as a victim on its data leak site. The group claims to have stolen more than 1.5TB of confidential data from the company and has threatened to publish the same on July 1, unless its ransom demands are met.

Acknowledging the claims of the hacker group, Kadokawa said that it is investigating “the possibility for information leakage with the support of external professional organisations.”

“KADOKAWA does not retain any credit card information of the Group’s customers, including Niconico service users, in its system, and therefore, no credit card information will have been leaked,” the company added.