After struggling a cyberattack again in August, Canon has lastly publicly confirmed that the assault was attributable to ransomware and the cybercriminals accountable stole knowledge from its firm servers.
The digital camera producer’s IT division issued a discover to workers on August 5 explaining that the corporate was struggling “widespread system points affecting a number of purposes, Teams, e mail and different programs”, however didn’t provide additional rationalization.
Canon then performed an investigation into the incident and located proof of unauthorized exercise on its community between July 20 and August 6. In accordance with the corporate, the attackers had managed to entry its file servers which additionally hosted “details about present and former staff from 2005 to 2020 and their beneficiaries and dependents”.
Primarily based on a partial screenshot of the ransom be aware obtained by BleepingComputer, it was clear that the Maze ransomware group was accountable. Then shortly after the assault, the group reached out to the information outlet to tell them that that they had stolen 10TBs of information from Canon.
Stolen worker knowledge
In a current notice of data security incident, Canon confirmed that knowledge accessed by the cybercriminals behind the August cyberattack included the names, Social Safety numbers, dates of beginning, driver’s license numbers, checking account numbers and digital signatures of its present and former staff.
Though the corporate is simply making this info public now, it did inform its staff of the matter through an inside safety discover that was despatched out simply after the assault on August 6.
The Maze ransomware group is answerable for a lot of cyberattacks in opposition to giant organizations together with LG, Xerox, Allied Common, Southwire, Metropolis of Pensacola and Canon. Nevertheless, earlier this month on November 1, the group formally shut down its operations which had started a couple of 12 months and a half earlier in Could of 2019.
Present and former Canon staff affected by the incident can attain out to Equifax, Experian and TransUnion as they’re all offering identity theft protection companies for victims of the cyberattack.
By way of BleepingComputer