Casio confirms ransomware attack and exposed customer data

Casio Computer Co., Ltd., the Japanese electronics maker, confirmed Saturday that a third-party ransomware attack earlier this month damaged its network, leaking personal and confidential internal information held by the company and its affiliates .

This acknowledgment from Casio comes after ransomware group Underground claimed responsibility for yesterday’s attack (October 10, 2024) after leaking data allegedly stolen from Casio on its dark web portal.

In an advisory released by the company today, Casio said that on October 5, 2024, some of its servers experienced a system outage. Upon further investigation, it was determined that the servers showed signs of unauthorized access, resulting in the inability to provide certain services.

In response to the attack, the company hired an external security specialist to conduct a forensic investigation.

The same day, Casio shut down servers that had suffered unauthorized access from the Internet and its internal network, suspecting a cyberattack using ransomware.

Additionally, the company has established a task force to restore affected internal systems and resume operations.

He also informed the police on October 6 and the Personal Information Protection Commission on October 7 and reported the matter on October 9.

Although the full extent of the damage is still being assessed, Casio admits that the leaked data may contain personal information, etc., including:

• Personal information of employees (including temporary and contract employees)
• Part of the personal information of part of the employees of affiliated companies
• Personal information of the Company’s business partners and certain of its affiliates
• Personal information of some people who have already interviewed for a job with the company.
• Information about certain customers who use services provided by the Company and certain affiliates (credit card information is not included.)
• Information relating to contracts, invoices, sales, etc. with current and past business partners of the Company and certain of its affiliates.
• Internal documents containing legal, financial, human resources planning, auditing, business and technical information of the Company and its affiliates.

Regarding customer data, Casio said no credit card or other payment data was accessed because the information was not stored in the database.

The Japanese company adds that service systems like CASIO ID and ClassPad.net were not affected by the incident, as they operate on a different server than the one affected by the unauthorized access.

“Please note that it is possible that your personal information may be misused to send you unsolicited emails such as phishing emails or spam. If you receive any suspicious emails, please do not open and delete them,” the notice said.

The company also asks to avoid sharing any information leaked online, as this could make things worse for those affected by the data breach.

“Please refrain from disseminating this information via social media, etc., as this could increase the damage caused by the leak of information about this case, violate the privacy of those involved, have serious consequences on their lives and their businesses and encourage crime,” Casio added.