Casio Hit by Ransomware Attack, Customer and Employee Data Compromised
Electronics giant Casio has disclosed a significant security breach resulting from a ransomware attack. The incident, which began on October 5th, has impacted various servers, leading to system failures and data leakage.
“On October 5, a system failure occurred on some of our servers, rendering several systems unusable,” Casio stated in an official notice. “After investigating the incident, we confirmed that the servers showed signs of unauthorized access. In response, we requested an outside security specialist to conduct a forensic investigation.”
The company confirmed that the unauthorized access was indeed a ransomware attack, leading to the compromise of personal and confidential information belonging to Casio, its affiliates, employees, and customers.
“We are still conducting an investigation, with the assistance of outside security experts, to determine the information on the Company and its affiliated companies that may have been leaked and the scope of the impact,” Casio explained.
While the full extent of the damage is still being assessed, Casio has revealed that the leaked data may include:
- Personal information of employees: This includes temporary and contract employees, as well as some employees of affiliated companies.
- Business partner data: Personal information of Casio’s and its affiliates’ business partners may have been compromised.
- Job applicant data: Information belonging to individuals who previously interviewed for positions at Casio may have been exposed.
- Customer data: Some customer information related to services provided by Casio and its affiliates may have been leaked. However, Casio assures that “Credit card information is not included.”
- Confidential internal documents: Leaked documents may contain legal, financial, human resources planning, audit, sales, and technical information of Casio and its affiliated companies.
Casio has emphasized that its CASIO ID, ClassPad.net service, and online sales services remain unaffected as they operate on separate servers.
The company has reported the incident to the police and the Personal Information Protection Commission and is urging individuals to be vigilant against potential phishing attempts.
“Please be aware that there is a possibility that your personal information may be misused to send you unsolicited e-mails such as phishing e-mails or spam e-mails,” Casio warned. “If you receive any suspicious e-mails, please do not open it and delete it.“
Casio has also appealed to the public to refrain from spreading information about the incident on social media to prevent further damage and protect the privacy of those affected.
