Threat Actor: Ransomware Group | Ransomware Group
Victim: Casio | Casio
Price: Not disclosed
Exfiltrated Data Type: Personal and confidential information
Key Points :
- Casio experienced a ransomware attack starting on October 5th, leading to system failures and data leakage.
- The breach affected personal information of employees, business partners, job applicants, and customers.
- Confidential internal documents, including legal and financial information, may have been compromised.
- Casio’s CASIO ID, ClassPad.net service, and online sales services were not impacted as they operate on separate servers.
- The company has reported the incident to authorities and is advising individuals to be cautious of phishing attempts.
Electronics giant Casio has disclosed a significant security breach resulting from a ransomware attack. The incident, which began on October 5th, has impacted various servers, leading to system failures and data leakage.
“On October 5, a system failure occurred on some of our servers, rendering several systems unusable,” Casio stated in an official notice. “After investigating the incident, we confirmed that the servers showed signs of unauthorized access. In response, we requested an outside security specialist to conduct a forensic investigation.”
The company confirmed that the unauthorized access was indeed a ransomware attack, leading to the compromise of personal and confidential information belonging to Casio, its affiliates, employees, and customers.
“We are still conducting an investigation, with the assistance of outside security experts, to determine the information on the Company and its affiliated companies that may have been leaked and the scope of the impact,” Casio explained.
While the full extent of the damage is still being assessed, Casio has revealed that the leaked data may include:
- Personal information of employees: This includes temporary and contract employees, as well as some employees of affiliated companies.
- Business partner data: Personal information of Casio’s and its affiliates’ business partners may have been compromised.
- Job applicant data: Information belonging to individuals who previously interviewed for positions at Casio may have been exposed.
- Customer data: Some customer information related to services provided by Casio and its affiliates may have been leaked. However, Casio assures that “Credit card information is not included.”
- Confidential internal documents: Leaked documents may contain legal, financial, human resources planning, audit, sales, and technical information of Casio and its affiliated companies.
Casio has emphasized that its CASIO ID, ClassPad.net service, and online sales services remain unaffected as they operate on separate servers.
The company has reported the incident to the police and the Personal Information Protection Commission and is urging individuals to be vigilant against potential phishing attempts.
“Please be aware that there is a possibility that your personal information may be misused to send you unsolicited e-mails such as phishing e-mails or spam e-mails,” Casio warned. “If you receive any suspicious e-mails, please do not open it and delete it.“
Casio has also appealed to the public to refrain from spreading information about the incident on social media to prevent further damage and protect the privacy of those affected.
Related Posts:
Original Source: https://securityonline.info/casio-hit-by-ransomware-attack-customer-and-employee-data-compromised/