Thought Leadership
Japanese electronics manufacturer Casio has published new details on the ransomware incident from October 2024. Following the conclusion of the investigation, it is now clear that the personal data of around 8,500 people was compromised.
The cyberattack occurred on October 5, when ransomware actors used phishing tactics to infiltrate the company’s network and cause an IT system outage. The attack was claimed a few days later by the “Underground” ransomware group, which threatened to release confidential documents, financial records and employee data.
Different groups of people affected
Casio has now announced that the following data has been compromised:
Names, personnel numbers, email addresses, departmental affiliations and sensitive personal information such as dates of birth and tax numbers were stolen from 6,456 employees. The names, email addresses, telephone numbers and company information of 1,931 business partners were stolen. In some cases, ID card data was also affected.
The delivery addresses, names, telephone numbers and purchase and product data of 91 customers for items that required delivery and installation were compromised. In addition, internal documents such as invoices, contracts and meeting documents were stolen.
No negotiations with blackmailers
The company emphasizes that it has not responded to the cybercriminals’ demands. “After consulting with law enforcement, outside counsel and security experts, Casio has not responded to the ransomware group’s unreasonable demands,” the statement reads.
Although some employees received unsolicited emails that are presumably linked to the ransomware incident, no consequential damage has yet been reported for those affected, partners or customers. The databases with general customer data and credit card information were not affected.
Systems largely restored
According to Casio, most of the affected services are now running normally again, although some systems still need to be restored. Although the CASIO ID and ClassPad.net platforms were not affected by this ransomware attack, they were the target of a separate security incident in October 2024.
Casio has started to inform the affected persons individually about the incident. The company is now strengthening its security measures to prevent similar incidents in the future.
