Canon Hit by Maze Ransomware Operators; 10TB of Data Allegedly Stolen
Canon Inc., a Japanese multinational corporation specialized in optical and imaging products, has allegedly fallen victim to a ransomware attack deployed by the infamous Maze group.
According to BleepingComputer, which broke the story, Canon”s IT department sent out a company-wide notice informing workers that “Canon USA is experiencing wide spread system issues, affecting multiple applications, Teams, Email and other system may not be available at this time.”
Multiple Canon-related websites are also down, including canonusa.com, usa.canon.com, canonhelp.com, imageland.net, consumer.usa.canon.com, cusa.canon.com, and more. Visiting them brings up an Internal Server Error message.
The security and technology news publication says it obtained a snippet of the alleged ransom note left behind by the attackers.
Were you a victim of a data breach? Time to find out with Bitdefender”s Digital Identity Protection tool.
“We hacked your network and now all your files, documents, photos, databases, and other important data are safely encrypted with reliable algorithms,” the ransom note said. “You cannot access the files right now. But do not worry. You can get it back! It is easy to recover in a few steps. We have also downloaded a lot of private data from your network, so in case of not contacting us as soon as possible this data will be released. If you do not contact us in 3 days we will post information about your breach on public news websites and after 7 days thee whole downloaded info.”
The letter continues with specifics on how to contact the Maze operators and a warning that the only way to restore encrypted data is by paying up.
Bleeping Computer says it contacted the ransomware gang, which confirmed that the attack was conducted on August 5. Although the cybercriminals refused to reveal any additional information such as ransom amount or screenshots of exfiltrated data, they claimed that “10TB of data and private databases” were stolen from Conon”s servers.
A suspicious incident regarding an outage impacting users of image.canon website was also reported on July 30.
“On July 30, 2020, we identified an issue involving the 10GB long-term storage on image.canon,” the notification reads. “In order to conduct further investigation, we temporarily suspended both the mobile application and web browser service of image.canon. After the investigation, we identified that some of the photo and video image files saved in the 10GB long-term storage prior to June 16, 2020 9:00am (JST) were lost. We confirmed that the still image thumbnails of the affected files were not affected, and there was no leak of image data. After having resolved the issue that resulted in the loss of the photo and video image files, we resumed the image.canon service as of August 4, 2020.”
However there is no evidence that the two incidents are related, and the ransomware attackers have denied any involvement in the outage.
Canon has yet to release a statement detailing the incident. But taking into consideration their outage and internal communication, the alleged ransomware attack will likely be confirmed.
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US
July 16, 2021
How to protect yourself against cyberstalking
July 06, 2021
The Top Five Security Risks Smartphone Users Face Today
July 02, 2021
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials
July 02, 2021
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger
June 30, 2021
Mobile security threats: reality or myth?
June 13, 2021
FOLLOW US ON
You might also like
July 23, 2021
July 22, 2021
July 20, 2021