Japanese electronics large Casio has confirmed that the non-public information of virtually 8,500 people was stolen throughout an October ransomware assault.
Casio was the goal of a ransomware assault on October 5, which noticed hackers entry delicate information and render most of the firm’s techniques unusable. The assault was claimed by the Underground ransomware gang, which stated it had stolen greater than 200 gigabytes of information from Casio’s techniques, per a darkish internet publish seen by TechCrunch.
In an replace posted on Tuesday, Casio confirmed that the hacking group — which safety specialists have linked to a Russia-linked cybercriminal group often called RomCom (or Storm-0978) — accessed the non-public info of roughly 8,500 people throughout the October cyber assault.
“Upon completion of the investigation so far as attainable, Casio wish to report that a few of its inside paperwork, together with private info, have been leaked,” Casio stated within the replace.
Casio stated the breach impacted the information of virtually 6,500 staff, and included info resembling names, worker numbers, and e-mail addresses. Some staff’ gender info, dates of delivery, ID card information, household information, and taxpayer ID numbers had been additionally compromised.
The hackers additionally accessed the names, e-mail addresses, telephone numbers, and ID card info of greater than 1,900 Casio enterprise companions, together with the non-public info of 91 clients.
Casio stated no bank card info had been uncovered within the breach, as its system that handles clients’ private info was not impacted by the incident.
In Tuesday’s replace, Casio confirmed the hackers had phishing methods to get in, resulting from “some deficiencies within the firm’s measures in opposition to phishing emails.” The firm additionally confirmed that it didn’t negotiate with the hackers chargeable for the assault, saying it has “not responded to any unreasonable calls for from the ransomware group that carried out the unauthorized entry.”
Casio stated the providers that had been impacted by the ransomware incident are again on-line, “excluding some particular person providers.” It’s unclear which providers stay unusable. The firm didn’t instantly reply to TechCrunch’s questions.
