Share this article on:
Japanese computing and electronics multinational company Casio has disclosed that it has suffered from a cyber attack, almost exactly a year after it was last breached.
In a statement on its website, the company said it detected unauthorised activity on its network on 5 October, which resulted in a system failure.
“Casio Computer Co., Ltd. confirmed that its network had been illegally accessed by a third party on October 5th of this year,” the company said in a statement translated from Japanese.
“After conducting an internal investigation, it was determined that the unauthorised access had caused a system failure, resulting in the inability to provide some services.”
The company added that it has launched an investigation into the breach to determine if any data has been accessed or compromised.
“We are currently investigating the details, and an external specialist agency is also investigating to confirm whether any personal information or other important information has been leaked,” it said.
“After becoming aware of the unauthorised access, we promptly reported it to the relevant authorities and have implemented measures such as restricting access from outside.
“We deeply apologise for causing great concern and inconvenience to all those involved.”
Casio did not disclose the nature of the incident, and no threat actors have claimed to be behind the cyber attack.
Cyber Daily has reached out to Casio for additional commentary.
Almost exactly a year ago today (12 October 2023), Casio said it discovered evidence to suggest that a threat actor had gained access to personal customer data on its systems, a day after it discovered that a database for its ClassPass education platform had failed within its development environment.
According to the company, the threat actor gained access to 91,921 records within Japan alone, belonging to both individuals and 1,108 educational institutions. The attackers accessed an additional 35,049 records belonging to customers in an additional 148 countries.
The data accessed in the incident was extensive, including customer names, email addresses, countries of residence, service usage information and purchase information, including order details, payment methods and license codes.
Credit card information was not compromised in the breach, as Casio doesn’t store that information on the affected database.
The company said that the breach likely came after the company disabled some of its network security measures in light of the database failure.
“At this time, it has been confirmed that some of the network security settings in the development environment were disabled due to an operational error of the system by the department in charge and insufficient operational management,” the company said in an official statement.
“Casio believes these were the causes of the situation that allowed an external party to gain unauthorised access.”