In October, Japanese electronics manufacturer Casio fell victim to a large-scale ransomware attack, resulting in the data breach of thousands of employees, clients, and business partners.
In its official report, Casio revealed that the incident impacted 6,456 employees, 1,931 business partners, and 91 customers. The investigation uncovered that the breach was facilitated by phishing emails, which enabled the attackers to infiltrate the company’s servers on October 5.
The company confirmed the leakage of internal documents, including contracts, invoices, meeting materials, and sales data. Compromised employee information included names, staff IDs, email addresses, and departmental details. In some cases, additional sensitive information such as gender, birth dates, home addresses, and tax identification numbers was also exposed.
For business partners, the attackers stole company information, including addresses, phone numbers, and contact details of representatives. Two firms also suffered the loss of biographical data. Customer data compromised in the attack included delivery addresses, phone numbers, purchase dates, and product names, though payment information remained secure.
Casio reported the incident to Japan’s Personal Information Protection Commission and other international regulators. The company stated that it refused to meet the ransom demands and has engaged with law enforcement authorities to address the matter.
The attack, claimed by the Underground group, led to the exposure of more than 200 GB of data. Additionally, Casio experienced week-long delays in shipments and a temporary suspension of certain services. The company warned of an increase in spam campaigns linked to the breach and confirmed ongoing collaboration with police to mitigate further malicious activity.
The attack on Casio is part of a broader wave of cyberattacks targeting Japanese corporations in recent months. Japanese regulators recently issued a warning about a large-scale hacking campaign, active since 2019, attributed to the group MirrorFace. Researchers suspect ties to China, as the campaign primarily seeks to steal data related to national security and advanced Japanese technologies. Victims include government ministries, the national space agency, as well as corporations and think tanks.
