Japanese electronics giant Casio has confirmed that the personal information of around 8,500 people was stolen during a ransomware attack in October.
Cassio was also a target Ransomware attacks On October 5, which saw hackers accessing sensitive data and Many of the company's systems are obsolete. The attack was claimed by an underground ransomware gang, which said it stole more than 200GB of data from Casio's systems, according to a dark web post seen by TechCrunch.
In An update Posted on Tuesday, Casio confirmed that the hacking group — which security experts have linked to the Russia-linked cybercriminal group known as RomCom (or Storm-0978) — accessed the personal information of about 8,500 people during the October cyber attack.
“After the investigation is complete as far as possible, Casio would like to report that some of its internal documents, including personal information, have been leaked,” Casio said in the update.
Casio said the breach affected the data of about 6,500 employees and included information such as names, employee numbers and email addresses. Some employees' gender information, date of birth, ID card information, family information and taxpayer ID numbers were also compromised.
Hackers accessed the names, email addresses, phone numbers and ID card information of more than 1,900 Casio business partners, including the personal information of 91 customers.
Casio said no credit card information was exposed in the breach, as the system that handles customers' personal information was not affected by the incident.
In Tuesday's update, Casio confirmed that hackers have phishing techniques to get in, because “there are some deficiencies in the company's measures against phishing emails.” The company confirmed that it had not negotiated with the hackers responsible for the attack, saying that it “did not respond to any unfounded claims of unauthorized access by ransomware groups.”
Casio said services affected by the ransomware incident are back online, “with the exception of some personal services.” It is not clear which services will remain unused. The company did not immediately respond to TechCrunch's queries.