Canon has confirmed that the cyberattack suffered in early August was caused by ransomware and that the hackers stole data from company servers.
“We identified a security incident involving ransomware on August 4, 2020. We immediately began to investigate, a cybersecurity firm was engaged, and measures were taken to address the incident and restore operations. We notified law enforcement and worked to support the investigation. We also implemented additional security measures to further enhance the security of our network”
Canon says there was unauthorized activity on their network between July 20, 2020 and August 6, 2020. During that time, there was unauthorized access to files on their file servers. They careful review of the file servers on November 2, 2020 and determined that there were files that contained information about current and former employees from 2005 to 2020 and their beneficiaries and dependents.
The information in the files included the individuals’ names and one or more of the following data elements: Social Security number, driver’s license number or government-issued identification number, financial account number provided to Canon for direct deposit, electronic signature, and date of birth.
