Japanese electronics giant Casio has confirmed that the personal data of almost 8,500 individuals was stolen during an October ransomware attack.
Casio was the target of a ransomware attack on October 5, which saw hackers access sensitive data and render many of the company’s systems unusable. The attack was claimed by the Underground ransomware gang, which said it had stolen more than 200 gigabytes of data from Casio’s systems, per a dark web post seen by TechCrunch.
In an update posted on Tuesday, Casio confirmed that the hacking group — which security experts have linked to a Russia-linked cybercriminal group known as RomCom (or Storm-0978) — accessed the personal information of approximately 8,500 individuals during the October cyber attack.
“Upon completion of the investigation as far as possible, Casio would like to report that some of its internal documents, including personal information, have been leaked,” Casio said in the update.
Casio said the breach impacted the data of almost 6,500 employees, and included information such as names, employee numbers, and email addresses. Some employees’ gender information, dates of birth, ID card data, family data, and taxpayer ID numbers were also compromised.
The hackers also accessed the names, email addresses, phone numbers, and ID card information of more than 1,900 Casio business partners, along with the personal information of 91 customers.
Casio said no credit card information had been exposed in the breach, as its system that handles customers’ personal information was not impacted by the incident.
In Tuesday’s update, Casio confirmed the hackers had phishing techniques to get in, due to “some deficiencies in the company’s measures against phishing emails.” The company also confirmed that it did not negotiate with the hackers responsible for the attack, saying it has “not responded to any unreasonable demands from the ransomware group that carried out the unauthorized access.”
Casio said the services that had been impacted by the ransomware incident are back online, “with the exception of some individual services.” It’s unclear which services remain unusable. The company did not immediately respond to TechCrunch’s questions.
