Casio Admits Security Failings as Attackers Leak Employee and Customer Data

Electronics manufacturing giant Casio admitted that security failings resulted in the personal data of employees, customers and business partners being leaked online following a ransomware attack.

The Japanese company said its investigation into the October 2024 incident found that internal business information, including invoices and contacts with partners, meeting materials and data related to internal systems, had been published online by the attackers.

Casio added that it “has not responded to any unreasonable demands from the ransomware group that carried out the unauthorized access,” suggesting that it refused to pay a ransom demand.

The attack was claimed by the Underground ransomware group, which posted on its leak site in October 2024 that it had exfiltrated 204.9 GB of data from Casio.

Casio has not provided any information on the identity of the perpetrator.

Personal Data Leaked by Attackers

A total of 6456 Casio employees, including temporary staff, have had their personal data leaked online.

This includes:

  • Human resources data such as name, employee number, email address, and affiliation for 5509 domestic employees
  • In addition to the above, family names, addresses and phone numbers for 97 domestic employees, and ID card information such as gender and date of birth for 10 employees
  • Names, e-mail addresses, and HQ system account information on 881 local employees of domestic and overseas Group companies
  • Names, taxpayer ID numbers and human resources information for 66 ex-employees of some overseas group companies that were previously affiliated with the company

Personal details of 1931 individuals from Casio business partners have also been included in the leak. This includes:

  • Names, e-mail addresses, telephone numbers, company names and company addresses of 1922 contact persons or representatives of Casio business partners, including overseas
  • Names, email addresses, phone numbers, addresses, and biographical information of 9 people who have interviewed for employment with Casio in the past

Additionally, the delivery addresses, names, telephone numbers, dates of purchase and product names of 91 customers who purchased products in Japan that needed delivery and installation were leaked.

Casio said it will contact all individuals impacted by the breach as soon as they are identified.

No evidence of data theft was found in the customer database or in the system that handles customers' personal information.

Casio also confirmed that no credit card data was included in the leak.

Japan’s Personal Information Protection Commission has been notified of the data breach alongside reports submitted to relevant overseas data protection supervisory authorities.

Casio also revealed that some employees have been sent spam emails that may be related to the data breach.

Casio Admits Security Failings

Casio admitted that deficiencies in its security measures designed to combat phishing emails and in its global network security system, including its overseas offices, prevented it from countering the attackers.

The firm is now working with a cybersecurity company to strengthen security across the entire group.

Casio services, with the exception of some individual services, have resumed after having their safety confirmed. The firm had previously shut down the servers that had suffered unauthorized access from the internet and its internal network.

“Casio would like to reiterate its deepest apologies to all parties involved for any inconvenience caused,” the firm added.
