Casio Computer Co., Ltd. recently shared troubling news about a ransomware attack that hit their network. In a news release, they confirmed that a third party illegally accessed their systems.1
If you’re a Casio customer or partner, you may want to stay updated on this situation, as it affects product orders and shipments.
Casio Faces Cyberattack
On October 5th, Casio Computer Co., Ltd. announced that a third party had illegally accessed its network. After looking into the situation, the company discovered that this unauthorized access led to a system failure. This failure caused some of their services to stop working. At first, Casio didn’t share many details about what happened, only mentioning that there was some “system disruption” throughout the company.
However, the Tokyo-based electronics company updated the public that they had been hit by a Ransomware attack. Ransomware is a type of malicious software that locks users out of their systems until a ransom is paid. During the breach, attackers also got access to information about some of Casio’s customers.
As for who is behind this attack, Casio has not identified any specific individuals or groups. A Ransomware group known as Underground has claimed responsibility for the attack on their dark web leak site, which has been confirmed by TechCrunch.
What You Should Know About The Underground Ransomware Group
A report from Fortinet, released in late August 2024, says that Underground is a smaller Ransomware group that has been targeting Windows systems since July 2023. Microsoft has connected this group to a Russian cybercrime gang called Storm-0978, which is also known as “RomCom” because of the malware they use.
If you’re a Casio customer, it’s understandable to be concerned about this situation. Keeping your personal information secure is important, so it might be a good time to check your accounts for any unusual activity and to stay abreast of any updates from the company.
Casio Takes Action After Data Leak
In a statement, after discovering the data breach, Casio reached out to the police on October 6 and contacted the Personal Information Protection Commission on October 7.
By October 9, they officially reported the issue. As of October 11, they found out that some personal information may have been leaked. This includes:
- Personal information of employees, including temporary and contract workers.
- Some personal details of employees from affiliated companies.
- Information from business partners of Casio and its affiliated companies.
- Personal details of individuals who have applied for jobs with Casio in the past.
- Information about certain customers who use services from Casio and its partners.
Casio reassured its customers that credit card information wasn’t compromised. They confirmed that their Casio ID and ClassPad services were not impacted by this breach.
Casio Struggles To Recover From Ransomware Attack
As told to TechCrunch, Casio has confirmed that many of its systems are still down nearly two weeks after a Ransomware attack. Ayuko Hara, a spokesperson for the company, said that they have “no prospect of recovery yet.”
To limit the damage, Casio disconnected their servers. Unfortunately, this is affecting their ability to take and manage orders from suppliers and schedule product shipments. Hara emphasized that while recovery is challenging, they are focusing on supporting their customers during this time.
Right now, these shipping issues mainly impact customers in Japan. Some of them are seeing a message that says, “Due to a problem with our product shipping system, the shipping date is currently undecided.” However, Casio’s website in the U.S. seems to be unaffected.
According to the company, the Ransomware attack compromised sensitive company data and personal information belonging to employees, contractors, business partners, and job applicants. If you’re waiting on a shipment from Casio, stay tuned for updates as they work to resolve these issues.
| It’s critical for your organization to be Ransomware-ready to protect your data and systems. Learn helpful tips from our webinar on how to prepare for, prevent, and stop these cyber threats! |
FAQ
What Happens If You Are Attacked By Ransomware?
If you are attacked by Ransomware, your files may get encrypted, and you won’t be able to access them until you pay a ransom. It can disrupt your work and put your personal information at risk. It’s important to report the attack to relevant authorities (such as the FBI’s Internet Crime Complaint Center) and seek help to recover your data and improve your security.
Is It Possible To Remove Ransomware?
Yes, it is possible to remove ransomware, but it can be very challenging. For example, the 2Secure team often handles these attacks, like when Phobos Ransomware hit a jewelry business. They faced huge costs, including money paid to attackers and wages for 71 days while their business was shut down. To prevent such attacks, using endpoint protection, running Ransomware attack simulations, and conducting penetration testing can be very helpful.
Source:
- 当社ネットワークへの不正アクセスによるシステム障害について | CASIO. (2024). CASIO公式ウェブサイト. https://www.casio.co.jp/release/2024/1008-incident/
