Casio confirms data of 8,500 people exposed in recent ransomware attack

News
By
published

More details have emerged surrounding Casio cyber-incident

Code Skull
(Image credit: Shutterstock)
  • Casio confirms 8.5k people lost their data in October 2024 ransomware attack
  • Most are Casio employees, with partners and customers less affected
  • The company says it did not pay the ransom demand

Personal data on 8,500 people, mostly Casio employees, was stolen during the October 2024 ransomware attack against the Japanese electronics manufacturer, the company confirmed in an announcement posted on its website.

The incident saw a threat actor from the Underground ransomware group gain access to the company’s IT infrastructure through a successful phishing attack. From there, they were able to disrupt the company’s network, steal sensitive information, and demand a ransom payment.

At the time, the company could not say exactly who was affected by the breach, or what kind of information was stolen - now, a subsequent investigation has shown the data mostly belongs to company employees, with a smaller amount belonging to business partners, and customers.

Employees, business partners, and customers

Overall, 6,456 employees lost their names, employee numbers, email addresses, affiliations, genders, dates of birth, family details, addresses, phone numbers, taxpayer ID numbers, and HQ system account information.

1,931 business partners also lost their names, email addresses, and phone numbers, but also company names, company addresses, and ID card information.

Finally, 91 customers lost their delivery addresses, names, phone numbers, dates of purchase, and product names.

Other leaked data includes internal documents such as invoices, contracts, and meeting materials. Credit card and other payment information was not taken.

Casio stressed that it did not negotiate with the attackers, and did not pay any ransom demand. All affected individuals have been alerted. Usually, when a threat actor steals sensitive information but does not receive a payment, they end up selling the data on the dark web, or using it in phishing, identity theft, or similar attacks.

So far, that doesn’t seem to have been the case, since Casio says there is no evidence of in-the-wild abuse yet.

Via BleepingComputer

You might also like

TOPICS
Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.