Casio has revealed that some of its corporate systems and services are still damaged and personal information has been compromised, after a ransomware attack over a week ago.
The Japanese electronics giant claimed in a notice on Friday that it was alerted to an unauthorized intrusion after a system failure on October 5 rendered several systems unusable.
“After investigating the incident, we confirmed that the servers showed signs of unauthorized access. In response, we requested an outside security specialist to conduct a forensic investigation. On the same day, we took measures to shut down the servers that had suffered unauthorized access from the internet and our internal network, since we suspected a cyber-attack using ransomware,” it read.
“As a result, some important systems within the company and its affiliated companies have become unusable, and some services have also been affected. The full extent of the damage is still under investigation, but the company has set up a task force and is currently working diligently to quickly restore internal systems and resume operations.”
Read more on ransomware: FBI: US Ransomware Losses Surge 74% to $59.6 Million in 2023
Screenshots posted to X (formerly Twitter) suggest that the Underground ransomware group is responsible for the breach. It has Casio on its leak site, claiming to have 205GB of stolen data in its possession.
🚨Cyberattack Alert ‼️
— HackManac (@H4ckManac) October 10, 2024
🇯🇵Japan - Casio (カシオ計算機)
Underground ransomware group claims responsibility for the attack on Casio.
Allegedly, 204.9 GB of data were exfiltrated, including confidential documents (社外秘), legal documents, personal information of employees,… https://t.co/gprgvyBhhP pic.twitter.com/ZrZeIzwqGg
Among the information that may have been compromised by the ransomware actors is:
- Personal information of Casio temporary and contract employees, and staff from affiliated companies and partners
- Personal information of Casio job applicants who have interviewed for employment with the firm
- Non-credit card information on some customers who use services provided by Casio and affiliates
- Information related to contracts, invoices and sales with current and past business partners and Casio affiliates
- Internal documents containing legal, financial, human resources planning, audit, sales and technical information related to Casio and affiliated companies
“Please be aware that there is a possibility that your personal information may be misused to send you unsolicited e-mails such as phishing e-mails or spam e-mails,” Casio added. “If you receive any suspicious e-mails, please do not open it and delete it.”
Image credit: Robert Way / Shutterstock.com