Japanese electronics company Casio has disclosed that a ransomware attack in October 2024 compromised the personal data of approximately 8,500 individuals.

The breach primarily affected employees and business partners, with a smaller number of customers also impacted.

Details of the Ransomware Attack

The incident occurred on October 5, when cybercriminals used phishing tactics to infiltrate Casio’s network, causing significant IT system disruptions. Five days later, the attack was claimed by the Underground ransomware group, which threatened to release sensitive documents, financial records, project details, and personal data unless a ransom was paid.

Casio quickly confirmed that the attackers had stolen personal information but initially refrained from providing specifics. After concluding an investigation, the company has now revealed the full scope of the data breach.

Exposed Data Breakdown

The compromised data includes the following:

Buy Me a Coffee
  • Employees (6,456 individuals): Names, employee numbers, email addresses, job affiliations, gender, dates of birth, family details, home addresses, phone numbers, taxpayer IDs, and HQ system account information.
  • Business Partners (1,931 individuals): Names, email addresses, phone numbers, company names, addresses, and ID card information for some.
  • Customers (91 individuals): Delivery addresses, names, phone numbers, dates of purchase, and product details for items requiring installation or delivery.
  • Other Documents: Internal files such as invoices, contracts, and meeting materials.

Casio has assured that affected individuals will receive personalized notifications about the breach.

Current Impact and Response

Some employees have reported receiving suspicious emails that may be linked to the data leak. However, Casio has stated that no further harm has been reported to employees, partners, or customers at this time. Importantly, no customer credit card information or sensitive databases were accessed during the attack.

READ
US Sanctions Russian and Iranian Organizations for 2024 Election Interference

The company emphasized that it did not negotiate with the attackers. In a statement, Casio explained:
“Following consultation with law enforcement agencies, outside counsel, and security experts, Casio has not responded to any unreasonable demands from the ransomware group that carried out the unauthorized access.”

Operational Status and Additional Breaches

Most of Casio’s affected services have been restored, though a few remain in recovery. Additionally, the company confirmed that its CASIO ID and ClassPad.net platforms were not impacted by the ransomware attack. However, those services experienced a separate data breach during October 2024.

Casio has committed to strengthening its cybersecurity measures to prevent future incidents and protect its stakeholders.