iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Japanese technology multinational Casio says that the cyber attack it suffered in October last year compromised the data of 8,500 people.
In October, Casio announced that it detected unauthorised activity on its system, resulting in a system failure.
While the threat actor behind the incident was initially unknown, the Russian threat group Underground, which appeared for the first time only a few months ago, claimed the incident on its dark web leak site, saying it had stolen 204.9 gigabytes of data.
In a statement on its website, it said that personal data may have been leaked, something it confirmed only days later on 11 October.
“We are still conducting an investigation, with the assistance of outside security experts, to determine the information on the company and its affiliated companies that may have been leaked and the scope of the impact, etc.,” said Casio.
Now, Casio has disclosed that 8,478 individuals were affected in the breach.
“With the assistance of an external security specialist organisation, Casio has been conducting a forensic investigation to identify the cause of this unauthorised access and to confirm the damage.
“Upon completion of the investigation as far as possible, Casio would like to report that some of its internal documents, including personal information, have been leaked.”
Current and former employees made up most of the affected, with 6,456 individuals having had their name, employee number, email, gender, date of birth, phone number, address, taxpayer ID number, family details, HR information and HQ system account data exfiltrated.
Additionally, 1,931 business partners had their namse, email addresses, company name and addresses, and phone numbers leaked. Two also had their ID card data leaked, while nine people who interviewed with Casio for employment also had their data leaked.
While only a small proportion of those affected, 91 customers were also affected, with names, phone numbers, purchase dates, delivery addresses, and names of products purchased for those needing delivery and installation.
On top of this, Casio said that a number of documents and data relating to business operations were also exfiltrated, including invoices, contracts and sales with business partners, meeting minutes and other materials, and internal systems data. The company did say that no insider-related data was leaked.
“Casio would like to reiterate its deepest apologies to all parties involved for any inconvenience caused,” the company said.
Be the first to hear the latest developments in the cyber industry.
