Askul Ransomware Attack: Japan E-commerce Giant Still Down After 45 Days of Disruption
Do Son 
The Japanese online retailer Askul has managed to restore only partial online sales after forty-five days of downtime following a ransomware attack, and a full return to normal operations remains a distant prospect. The incident disrupted not only the company’s own services but also the logistics it provides to outside brands.
Askul operates several marketplaces for both private and corporate customers, as well as logistics services relied upon by well-known companies, including Muji. Its main site targets small businesses, SOLOEL ARENA supports corporate procurement, and the consumer platform Lohaco partners with Yahoo Japan.
On 19 October, the company detected a ransomware infection within its infrastructure. By the next day, it had become clear that order placement and product shipment were impossible. On 22 October, the disruption was officially linked to the failure of the warehouse management system, which in turn halted logistics services for partners.
On 30 October, Askul reported a large-scale data breach: customer names and contact information had been exposed. The company acknowledged that part of the data had been published, issued an apology, deployed a cloud-based email service to notify affected individuals, and began sending notices stating that no signs of misuse of the stolen information had yet been identified.
In early November, Askul took an unusual step — reopening order intake via fax. Initially, only thirty-seven items were offered, led by boxes of office paper, and the scheme was limited to certain customer categories, such as medical institutions and elder-care facilities. The list of products and the number of available warehouses were gradually expanded.
On 19 November, the company addressed the incident only in general terms, stating that it was refraining from disclosing attack details and continuing an in-depth review of logs, anomaly monitoring, and investigation of the causes and scope of system failures.
On 3 December, Askul announced the completion of warehouse management system restoration with enhanced security measures and declared readiness to accept online orders. At this stage, however, only services for corporate clients have been relaunched, and delivery times have increased by several days compared to pre-incident levels.
Consumer platforms, including Lohaco, are expected to resume operations only after B2B services stabilize, leaving brands dependent on Askul’s logistics — such as Muji — still unable to accept orders in full. The impact is softened slightly by the fact that the Christmas shopping season in Japan is less critical than in Western markets.
Financial consequences also remain unclear. On Monday, the company informed investors that it would not be able to prepare its quarterly report by the planned 15 December release date and required additional time to assess the damage and related factors. Askul has not provided a timeline for full restoration of online sales.
The incident is already being compared to the ransomware attack on the British retailer Marks & Spencer, which spent £136 million on remediation and suffered a profit decline. Given that Askul’s shutdown has been longer and its return to service slower, the Japanese company’s eventual costs may be comparable — or even greater.
The episode once again underscores the heavy price of security failures and insufficiently tested disaster-recovery plans for major players in online retail and logistics.
Donate