October 26, 2023 at 10:39AM
Japanese watchmaker Seiko has confirmed a data breach caused by a ransomware attack that occurred a few months ago. The attack resulted in the compromise of customer, business partner, and employee data. The ransomware group, BlackCat and ALPHV, claimed responsibility for the attack and leaked over 2TB of information when their extortion attempts were not met. Seiko stated that approximately 60,000 personal data records were compromised, including customer and business partner information, but payment card data was not stolen. Seiko has taken basic cybersecurity measures in response to the breach.
Key Takeaways from the Meeting Notes:
1. Seiko, the Japanese watchmaking giant, experienced a ransomware attack a few months ago, which resulted in a data breach affecting customers, business partners, and employees.
2. The ransomware group known as BlackCat and ALPHV claimed responsibility for the attack and began leaking files after Seiko refused to respond to their extortion attempts.
3. The cybercrime group allegedly stole over 2 terabytes of data, including employee information, production technology details, audio and video recordings of management meetings, emails, and copies of passports belonging to employees and foreign visitors.
4. In mid-September, the attackers made all the stolen information public on their Tor-based leak website.
5. A total of approximately 60,000 personal data records associated with Seiko Group Corporation (SGC), Seiko Watch Corporation (SWC), and Seiko Instruments Inc. (SII) were compromised.
6. Compromised data includes SWC customer information such as names, addresses, phone numbers, and email addresses. However, payment card information was not stolen.
7. Business partner information, including names, job titles, company affiliations, and contact details, was also stolen by the ransomware group.
8. The names and contact information of current and former employees, as well as job applicants, were part of the data breach.
9. Seiko has implemented cybersecurity measures, including temporary blocking of external communication with affected servers, installation of Endpoint Detection and Response (EDR) systems, and implementation of multi-factor authentication to prevent further breaches.
10. The meeting highlighted that the cybersecurity measures taken by Seiko should be implemented proactively by all organizations, rather than in response to a significant data breach.