Casio Confirms Ransomware Attack: Personal Data of 8,500 Individuals Stolen by Hackers in October

Casio Confirms Ransomware Attack: Personal Data of 8,500 Individuals Stolen by Hackers in October

In a recent cybersecurity incident, Casio, the renowned Japanese electronics manufacturer, revealed that personal data of nearly 8,500 individuals was compromised during a ransomware attack in October. This breach highlights the ongoing challenges faced by corporations in safeguarding sensitive information.

Details of the Ransomware Attack

On October 5, Casio fell victim to a significant ransomware attack that rendered many of its systems unusable. The Underground ransomware gang claimed responsibility, alleging they had stolen over 200 gigabytes of data from the company’s network, as reported in a dark web post accessed by TechCrunch.

Investigation Findings

Following a thorough investigation, Casio disclosed that the hacking group, reportedly linked to the Russian cybercriminal organization known as RomCom (or Storm-0978), accessed sensitive personal information of approximately 8,500 individuals.

  • Employee Data: Nearly 6,500 employees were affected, with leaked information including:
    • Names
    • Employee numbers
    • Email addresses
    • Gender information
    • Dates of birth
    • ID card data
    • Family data
    • Taxpayer ID numbers
  • Business Partner Information: Data of over 1,900 business partners was accessed, including:
    • Names
    • Email addresses
    • Phone numbers
    • ID card information
  • Customer Data: Personal information of 91 customers was also compromised.

Fortunately, Casio confirmed that no credit card information was exposed during the breach, as the system managing customer payment details remained unaffected.

Phishing Techniques and Company Response

In its update, Casio admitted that the hackers exploited phishing techniques to gain access, taking advantage of certain deficiencies in the company’s email security measures. The company emphasized that it did not engage in any negotiations with the hackers, stating, “we have not responded to any unreasonable demands from the ransomware group that carried out the unauthorized access.”

READ ALSO  Global Police Crackdown: Major Operation Takes Down 8Base Ransomware Gang's Leak Site

Restoration of Services

Casio reported that most services affected by the ransomware attack have since been restored, although some specific services, such as the G-Shock customization service in Japan, remain offline. Casio is working diligently to ensure the security of its systems moving forward.

For further updates on cybersecurity and technology news, stay tuned to our blog.

Source link

Similar Posts

Conduent Confirms Cybersecurity Incident Behind Recent Outage

Conduent Confirms Cybersecurity Incident Behind Recent Outage

Bysupport

Conduent, a U.S. government contractor, confirmed that a recent outage affecting critical support services was due to a cybersecurity incident, causing disruptions for residents dependent on services like child support and food assistance. While the company stated that the incident was contained and systems have been restored, it did not clarify if any systems were compromised or if data was exfiltrated, raising concerns about security measures. The outage has significant implications, including potential delays in payment and uncertainty regarding data privacy. Stakeholders are urged to stay informed as the situation evolves.

CISA Faces Legal Fallout: Urgent Outreach to Laid-Off Employees After Court Deems Layoffs Unlawful

CISA Faces Legal Fallout: Urgent Outreach to Laid-Off Employees After Court Deems Layoffs Unlawful

Bysupport

The Cybersecurity and Infrastructure Security Agency (CISA) is working to reconnect with over 130 former employees unlawfully terminated by the Trump administration, following a U.S. District Court ruling mandating their reinstatement. The affected individuals were probationary employees laid off in February as part of workforce reductions. CISA is actively reaching out but lacks contact information for many, urging eligible former employees to provide their details securely. Rehired employees will receive administrative leave with full pay and benefits. Additional workforce cuts may be imminent, potentially affecting about 100 more employees, including those in critical roles.

Apple and Google Collaborate to Remove Dangerous Mobile Apps from Their App Stores

Apple and Google Collaborate to Remove Dangerous Mobile Apps from Their App Stores

Bysupport

Apple and Google have removed 20 malicious apps from their stores after the discovery of the SparkCat malware, which has been operational since March 2024. Initially found in a food delivery app in the UAE and Indonesia, it spread to 19 other apps, collectively downloaded over 242,000 times. SparkCat uses optical character recognition (OCR) to capture text, targeting cryptocurrency recovery phrases and extracting personal information. Both companies acted swiftly, banning developers and removing the apps. Users are advised to update devices regularly, avoid unofficial sources, and utilize security features like Google Play Protect to mitigate risks.

Urgent Alert: Broadcom Calls on VMware Users to Patch Critical Zero-Day Vulnerabilities Under Active Exploitation

Urgent Alert: Broadcom Calls on VMware Users to Patch Critical Zero-Day Vulnerabilities Under Active Exploitation

Bysupport

Broadcom has issued a cybersecurity alert regarding critical VMware vulnerabilities, known as “ESXicape,” affecting ESXi, Workstation, and Fusion products. Identified as CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226, these vulnerabilities allow attackers with administrator access to escape secure environments and potentially compromise other virtual machines. Broadcom has reported active exploitation of these vulnerabilities, with concerns that unidentified ransomware groups are targeting them. To mitigate risks, Broadcom has released emergency patches, and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) advises immediate implementation of these updates by federal agencies to safeguard against attacks.

UK’s Hidden iCloud Backdoor Sparks Civil Rights Battle

UK’s Hidden iCloud Backdoor Sparks Civil Rights Battle

Bysupport

The U.K. government’s demand for Apple to create a backdoor in its end-to-end encrypted iCloud service has led to legal challenges from civil rights organizations, including Liberty and Privacy International. They filed complaints against the order, labeling it “unacceptable and disproportionate,” and expressed concerns about its global implications for privacy and security. Key figures, Gus Hosein and Ben Wizner, are involved in the challenge, with Apple also contesting the order in the Investigatory Powers Tribunal. The organizations are urging for a public hearing, emphasizing the need to protect encryption essential for privacy and free expression as the case progresses.

Valve Pulls Suspicious Game Demo Over Malware Concerns: What You Need to Know

Valve Pulls Suspicious Game Demo Over Malware Concerns: What You Need to Know

Bysupport

Valve has removed the free demo of the game Sniper: Phantom’s Resolution from its Steam platform after users reported it was installing malware. The first-person shooter, advertised with engaging features, was found to contain malicious software following user analyses on Reddit. This incident highlights the need for caution when downloading software, even from trusted sources. It follows a previous malware issue with another game, PirateFi, which targeted users’ personal information. While Valve has not officially commented on this removal, the situation underscores the importance of user vigilance, antivirus protection, and promptly reporting suspicious software.