Japanese electronics company Casio has announced the results of its investigation into a recent ransomware attack that has affected thousands of individuals. In early October 2024, Casio disclosed network disruptions and system failures due to unauthorized access.

Ransomware Attack Confirmation

Shortly after the initial disclosure, Casio confirmed that a ransomware attack had led to the theft of sensitive personal and corporate data.

Forensic Findings

A detailed forensic investigation has revealed that attackers exploited vulnerabilities in overseas offices, gaining initial access through phishing emails.

Compromised Data

The attack resulted in the breach of corporate documents and internal data, primarily from servers affected by the ransomware.

Employees

Approximately 6,500 employees, both in Japan and internationally, had personal data such as names, email addresses, gender, birth dates, and taxpayer IDs compromised.

Business Partners

Around 1,900 business partners’ data, including names, representatives, email addresses, phone numbers, company names, and in some cases, ID cards, were affected.

Customers

The breach impacted information on 91 customers in Japan, including names, phone numbers, addresses, purchase dates, and product names. Importantly, no evidence was found suggesting theft from the main customer database or systems managing personal data.

Additional Stolen Data

The cybercriminals also accessed invoices, contracts, sales documents, internal review materials, and data related to internal systems, but payment card information was not compromised.

Perpetrators and Threats

The ransomware group Underground claimed responsibility, threatening to release stolen data. They assert having stolen over 200 GB of data, some of which has reportedly been made available on their Tor leak site.

Looking Ahead

Casio continues to address the fallout and strengthen its security measures in response to this breach. The company emphasizes that no customer payment information was compromised in the breach.

The link has been copied!