Casio says ‘no prospect of recovery yet’ after ransomware attack 



Japanese electronics giant Casio has confirmed that many of its systems remain unusable almost two weeks after it was hit by a ransomware attack. 

Casio spokesperson Ayuko Hara told TechCrunch on Thursday that the company sees “no prospect of recovery yet” as it struggles to bounce back from the cyberattack. 

“Since October 5, our servers experienced a system failure that rendered several of them unusable,” Hara told TechCrunch, adding that the company subsequently took measures to disconnect its servers to prevent the spread of damage. 

“This countermeasure is affecting our receiving and placing orders with suppliers and schedule of product shipments,” Hara said. “There is no prospect of recovery yet, but we are prioritizing our customers as we move forward with recovery.”

These shipping issues appear to be affecting customers only in Japan, TechCrunch has learned, where customers are met with a prompt that states: “Due to a problem with our product shipping system, the shipping date is currently undecided.” Casio’s U.S. website appears unaffected at the time of publication. 

On Friday, Casio revealed it had been the victim of a ransomware attack, which saw attackers compromise sensitive company data and the personal information of employees, contractors, business partners, and job applicants. This data theft was claimed by the Underground ransomware group, which shared alleged samples of the stolen Casio data on its dark web leak site.

Hara tells TechCrunch that the “hackers left a threatening message indicating their intention to leak our data,” but said that Casio had not received a ransom demand. This suggests the company has not made contact with the ransomware group, but Casio would not comment when asked by TechCrunch. 

Casio has not yet determined which types of data were stolen or how many individuals are potentially affected, Hara said.

“We have identified that certain information have [sic] been compromised, details are still under investigation,” Hara said. “But we are sure no credit card information of our customers has been compromised.”

Underground, which security experts have linked to the Russia-linked cybercriminal group, known as RomCom (or Storm-0978), claims to have stolen more than 200 gigabytes of data from Casio’s systems. Security researchers have linked the RomCom group to cyberattacks carried out on behalf of the Russian state.

When asked whether Casio disputes Underground’s claims, Hara said the company is “currently investigating.” 




Source