Japanese consumer electronics giant Casio has admitted that customer data was stolen in a ransomware attack earlier this month.
Casio first acknowledged that it had suffered a cyberattack on October 7, but at the time did not disclose the nature of the incident, which caused an unspecified “system failure” throughout the company. In an updated statement on Friday, the Tokyo-based electronics giant acknowledged that it had fallen victim to ransomware.
Casio's statement said the attackers collected personal information belonging to Casio employees, contractors, business partners, and people interviewed by the company, as well as invoices, personnel files, and some technical information belonging to the company. Confirmed access to sensitive corporate data.
Casio said the hackers also accessed “information about some customers,” but declined to say what kind of data was accessed or how many individuals were affected so far. There wasn't.
Casio denied the possibility of a credit card information leak and said its Casio ID and ClassPad services were not affected by the breach.
Casio has not confirmed who is behind the attack. A ransomware and extortion racket called Underground has claimed responsibility for the breach of a dark web leak site, witnessed by TechCrunch.
Underground is a relatively new ransomware and extortion group, first observed carrying out cyberattacks in June 2023. Microsoft previously linked ransomware activity to a Russian-linked cybercrime group known as Storm-0978 (also known as “RomCom” due to its eponymous malware). ). BlackBerry researchers previously told TechCrunch that RomCom also conducts cyberattacks and other digital intrusions on behalf of the Russian government.
Underground said in a post on its dark web leak site that it stole more than 200 gigabytes of data from Casio, including legal documents, payroll information, and personal information of Casio employees. As seen by TechCrunch, the group released samples of the stolen data to legitimize the breach and possibly further coerce the company into paying the ransom.
It is unclear whether Casio received a ransom demand from the underground. The company declined to answer TechCrunch's questions.
Casio said in an updated statement that the “full extent of the damage” caused by the ransomware is still being investigated. The company says some Casio systems remain “unusable.”