Share this article on:
Japanese watchmaker Casio has disclosed that the ransomware attack it suffered earlier this month is set to cause delays in the delivery of products up until late this year.
On 5 October, Casio announced that it detected unauthorised activity on its systems, resulting in a system failure.
While the threat actor behind the incident was initially unknown, the Russian threat group Underground, which appeared for the first time only a few months ago, claimed the incident on its dark web leak site, saying it had stolen 204.9 gigabytes of data.
On 11 October, the company confirmed that a ransomware attack had occurred, resulting in some of its systems being disabled and unusable.
As a result, the company faces product backlogs and items requested for repair are facing delayed delivery.
Now, the company has said that its recovery is ongoing and that it aims to have systems restored by the end of November.
“Due to a system failure that occurred on Saturday, October 5th, we are currently experiencing significant delays in the delivery of items requested for repair, and many items are backlogged,” said Casio.
“We are currently continuing our response and aiming to restore the system by the end of November. Therefore, we will temporarily suspend the acceptance of repairs for our personal products until the system is restored.
“We will inform you again when the system will be restored, and applications will resume as soon as it is confirmed.”
In addition, the company confirmed that data was stolen in the ransomware attack, including the personal data of contract and temporary employees and those who were employed by company affiliates and business partners.
The threat actors also reportedly accessed the data of those who interviewed with Casio and its business partners.
According to the company, stolen data includes personal employee information, personal information of business partners of Casio and its affiliate companies, personal information of temporary, contract and interviewed potential employees, information of some customers who used Casio and affiliate company data and “part of personal information of a part of the employees of affiliated companies”.
It also said, in line with Underground’s claims, that data relating to contracts, invoices, sales and more with current and past business partners and its affiliates, as well as other internal documents, may have been exposed.