Casio confirms customer data stolen in a ransomware attack

Casio confirms customer data stolen in a ransomware attack

October 11, 2024 at 10:47AM

Casio confirmed a ransomware attack that compromised personal and confidential data of employees, job candidates, and customers. The Underground group claimed responsibility and leaked documents. Casio stated that no credit card information was stolen and urged caution against sharing leaked data. Authorities are investigating the incident.

**Meeting Takeaways: Casio Ransomware Attack Update**

1. **Incident Confirmation**: Casio has confirmed a ransomware attack occurred earlier this month, resulting in the theft of personal and confidential data.

2. **Data Compromised**:
– Personal information of permanent and temporary employees.
– Information related to business partners and certain affiliates.
– Personal data of job candidates who interviewed in the past.
– Customer information, although no credit card data was compromised.
– Details concerning contracts with business partners.
– Financial records, including invoices and sales transactions.
– Sensitive internal documents (legal, financial, HR, etc.) from Casio and its affiliates.

3. **System Disruption**: The attack led to significant system disruptions and service outages over the weekend.

4. **Responsibility Acknowledgment**: The Underground ransomware group claimed responsibility and leaked documents allegedly taken from Casio’s systems.

5. **Ongoing Investigation**: Casio is actively investigating, and the scope of the impact may still grow. Those potentially affected are advised to be cautious of unsolicited emails.

6. **Safety and Privacy**: Casio requests that individuals refrain from sharing leaked information online to prevent further harm and privacy violations.

7. **Notification of Authorities**: The situation has been reported to the police and Japan’s Personal Information Protection Commission, which are now involved in the investigations.

8. **System Security**: Notably, services like CASIO ID and ClassPad.net were not compromised as they are not hosted on the affected servers.

**Action Items**:
– Remain vigilant against phishing attempts.
– Avoid dissemination of leaked information.
– Follow updates from Casio and law enforcement as the investigation continues.

Full Article