Thursday, January 23, 2025
HomeCyber Security NewsCasio Hacked - Servers Compromised by a Ransomware Attack

Casio Hacked – Servers Compromised by a Ransomware Attack

Published on

SIEM as a Service

Follow Us on Google News

Casio Computer Co., Ltd. has confirmed a significant cybersecurity breach after its servers were targeted in a sophisticated ransomware attack.

The incident, which occurred on October 5, prompted an immediate forensic investigation involving external security specialists.

Casio deeply regrets any inconvenience this has caused to customers and stakeholders. The investigation revealed that unauthorized access was obtained overseas, leading to system failures and the potential leak of sensitive internal documents.

Casio has issued a series of updates, including a prior notice on October 8 regarding the unauthorized access and its consequences.

Investigation Findings

Preliminary findings indicate that while Casio has taken considerable steps to enhance its cybersecurity posture in response to a rising wave of cyber threats, gaps in defenses against phishing emails and the security of its global network—including overseas offices—were exploited.

Fortunately, the investigation did not reveal any compromise of customer databases or personal information systems.

However, it has been confirmed that sensitive internal documents containing the personal information of employees and business partners were leaked. The company is diligently working to identify affected individuals and will reach out to them directly.

Personal Information Exposed

The leaked data includes:

  • Employee Information: Details of 6,456 individuals, including names, employee numbers, emails, and internal affiliations. A subset of employees had additional personal information such as gender, date of birth, and even family details disclosed.
  • Business Partner Data: Information on 1,931 contacts across Casio and its subsidiaries, including names, email addresses, and company details.
  • Customer Information: Personal details for 91 customers, specifically related to purchases requiring delivery and installation.

While sensitive internal documents were exposed, Casio clarified that no credit card information or insider-related data was compromised.

In light of this incident, Casio is enhancing its IT security protocols across all operations, especially in its overseas offices.

The company has committed to a thorough review of its information management systems and fortifying employee training regarding cybersecurity practices.

Most services affected by the attack have resumed, although some individual services remain temporarily suspended. Casio has expressed sincere apologies for the disruption faced by its users and stakeholders.

Casio has noted that some employees have received unsolicited spam emails possibly linked to the breach.

The company urges those affected to refrain from sharing sensitive information via social media to mitigate potential secondary damage.

Casio is cooperating closely with authorities to address this issue and to take action against any malicious activities stemming from the incident.

Casio is dedicated to rectifying this breach and ensuring the continued security of its systems. The company reaffirms its commitment to providing reliable products and services while fostering a safe working environment for its employees and partners.

Casio extends its deep apologies for any distress caused by this unfortunate event.

ANY.RUN Threat Intelligence Lookup - Extract Millions of IOC's for Interactive Malware Analysis: Try for Free

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

Critical Vulnerability in Next.js Framework Exposes Websites to Cache Poisoning and XSS Attacks

A new report has put the spotlight on potential security vulnerabilities within the popular...

New Cookie Sandwich Technique Allows Stealing of HttpOnly Cookies

The "Cookie Sandwich Attack" showcases a sophisticated way of exploiting inconsistencies in cookie parsing...

GhostGPT – Jailbreaked ChatGPT that Creates Malware & Exploits

Artificial intelligence (AI) tools have revolutionized how we approach everyday tasks, but they also...

Tycoon 2FA Phishing Kit Using Specially Crafted Code to Evade Detection

The rapid evolution of Phishing-as-a-Service (PhaaS) platforms is reshaping the threat landscape, enabling attackers...

API Security Webinar

Free Webinar - DevSecOps Hacks

By embedding security into your CI/CD workflows, you can shift left, streamline your DevSecOps processes, and release secure applications faster—all while saving time and resources.

In this webinar, join Phani Deepak Akella ( VP of Marketing ) and Karthik Krishnamoorthy (CTO), Indusface as they explores best practices for integrating application security into your CI/CD workflows using tools like Jenkins and Jira.

Discussion points

Automate security scans as part of the CI/CD pipeline.
Get real-time, actionable insights into vulnerabilities.
Prioritize and track fixes directly in Jira, enhancing collaboration.
Reduce risks and costs by addressing vulnerabilities pre-production.

More like this

GhostGPT – Jailbreaked ChatGPT that Creates Malware & Exploits

Artificial intelligence (AI) tools have revolutionized how we approach everyday tasks, but they also...

Tycoon 2FA Phishing Kit Using Specially Crafted Code to Evade Detection

The rapid evolution of Phishing-as-a-Service (PhaaS) platforms is reshaping the threat landscape, enabling attackers...

Nnice Ransomware Attacking Windows Systems With Advanced Encryption Techniques

CYFIRMA's Research and Advisory team has identified a new strain of ransomware labeled "Nnice,"...