Japanese electronics large Casio has confirmed {that a} ransomware assault earlier this month resulted within the theft of buyer information.
Casio first confirmed on October 7 it had been hit by a cyberattack, however on the time didn’t reveal the character of the incident that brought about unspecified “system disruption” throughout the corporate. In an up to date assertion on Friday, the Tokyo-based electronics large confirmed that it had been the sufferer of ransomware.
Casio’s assertion confirms that the attackers accessed private data belonging to Casio staff, contractors, enterprise companions, and individuals who have interviewed for the corporate, together with delicate firm information together with invoices, human assets information, and a few technical data belonging to the corporate.
Hackers additionally accessed “details about some prospects,” Casio stated, however didn’t state which kinds of information had been accessed or what number of people are up to now affected.
Casio dominated out a compromise of bank card data, saying its Casio ID and ClassPad companies have been unaffected by the breach.
Casio hasn’t confirmed who’s behind the assault. A ransomware and extortion racket referred to as Underground has claimed duty for the breach on its darkish net leak web site, which TechCrunch has seen.
Underground is a comparatively new ransomware and extortion group, first noticed finishing up cyberattacks in June 2023. Microsoft beforehand linked the ransomware operation to the Russia-linked cybercriminal group referred to as Storm-0978 (also called “RomCom” to be used of its eponymous malware). Researchers at BlackBerry beforehand informed TechCrunch that RomCom additionally carries out cyberattacks and different digital intrusions for the Russian authorities.
Underground stated in a submit on its darkish net leak web site that it stole greater than 200 gigabytes of information from Casio, together with authorized paperwork, payroll data, and private data of Casio staff. The group has printed samples of the stolen information, seen by TechCrunch, so as to declare legitimacy of the breach, and certain in an effort to additional extort the corporate into paying a ransom.
It’s not recognized whether or not Casio has acquired a ransom demand from Underground. The corporate declined to reply TechCrunch’s questions.
In its up to date assertion, Casio stated the “full extent of the harm” attributable to the ransomware remains to be being investigated. Some Casio programs stay “unusable,” in keeping with the corporate.
