Casio Data Breach: 8,500 Customers Affected by Ransomware Attack

Casio Data Breach Confirmed: 8,500 Individuals Affected

Electronics manufacturer Casio has officially acknowledged a data security incident. The breach, stemming from a ransomware attack in October, resulted in the compromise of personal data belonging to nearly 8,500 people.

Ransomware Attack Details

On October 5th, Casio experienced a significant ransomware attack. This malicious activity granted unauthorized access to sensitive company data and disrupted numerous systems. The Underground ransomware group claimed responsibility, asserting they had exfiltrated over 200 gigabytes of data, as reported by TechCrunch.

Security analysts have connected the Underground group to RomCom (also known as Storm-0978), a cybercriminal organization believed to have ties to Russia.

Scope of the Data Breach

Casio’s recent update confirms the exposure of personal information during the October cyberattack. The investigation revealed that data pertaining to approximately 8,500 individuals was leaked.

The compromised data included information from:

• Approximately 6,500 employees
• Over 1,900 business partners
• 91 customers

Specifically, employee data included names, employee numbers, and email addresses. Further details, such as gender, dates of birth, ID card data, family information, and taxpayer ID numbers, were also exposed for some employees.

For business partners, the breach involved names, email addresses, phone numbers, and ID card information.

No Financial Data Compromised

Casio has stated that credit card information was not affected by the breach. The systems handling customer financial details remained secure and were not impacted by the incident.

Attack Vector and Response

The company determined that the attackers gained initial access through phishing techniques, exploiting vulnerabilities in Casio’s defenses against such emails. Casio has confirmed they did not engage in negotiations with the ransomware group, refusing to meet any of their demands.

Service Restoration

Most services impacted by the ransomware attack have been restored. However, some individual services remain offline.

According to Casio spokesperson Ayuko Hara, the G-Shock customization service in Japan is among those still experiencing disruptions.