Casio Struggles with Ransomware Attack

Japanese electronics giant Casio has verified that many of its systems remain unusable almost two weeks after a ransomware attack hit it

On Thursday, Ayuko Hara, a spokesperson for Casio, stated to TechCrunch that the company is currently facing “no prospect of recovery” as it struggles to recover from the cyberattack.

Hara informed TechCrunch that the company’s servers were rendered inoperable due to a system failure on October 5. Subsequently, the company implemented measures to disconnect the servers to prevent the spread of the damage.

Hara stated that this countermeasure is impacting the schedule of product shipments and the process of receiving and placing orders with suppliers. “While there is currently no indication of recovery, we prioritize our customers as we progress with the recovery process.”

TechCrunch has been informed that these shipping issues only impact customers in Japan. Customers are presented with a prompt that reads, “The shipping date is currently undecided due to an issue with our product shipping system.” At the moment of publication, Casio’s website in the United States appears unaffected.

Casio disclosed on Friday that it had been the target of a ransomware attack. The assailants compromised the personal information of employees, contractors, business partners, job applicants, and sensitive company data. The Underground ransomware group claimed to have obtained the Casio data and posted alleged samples of it on its dark web leak site.

In an interview with TechCrunch, Hara stated that the “hackers left a threatening message indicating their intention to leak our data.” Still, she also noted that Casio had not received a ransom demand. This implies that the organization has not initiated communication with the ransomware group; however, Casio declined to provide an explanation when approached by TechCrunch.

Hara stated that Casio has not yet determined the specific categories of stolen data or the number of individuals who may be affected.

Hara stated, “We have determined that specific information has been compromised; however, the specifics are still being investigated.” “However, we are confident that no credit card information belonging to our customers has been compromised.”

Security specialists have associated Underground with the cybercriminal organization RomCom (or Storm-0978), affiliated with Russia. Underground has claimed to have stolen over 200 gigabytes of data from Casio’s systems. The RomCom group has been associated with cyberattacks perpetrated by security researchers on behalf of the Russian state.

Hara stated that the company is “currently investigating” Underground’s claims when asked whether Casio disputes them.