Japanese electronics company Casio has revealed that a cyberattack earlier in October resulted in a breach of sensitive information.
Initially, Casio only mentioned a “system disruption,” but it later confirmed that the incident was a ransomware attack, exposing personal data of employees, contractors, business partners, and some customers.
The company reported that the attackers had accessed a range of information, including human resources files, technical data, and confidential company documents such as contracts and invoices.
Notably, personal information of individuals who had applied for jobs at Casio was also compromised. Although the company clarified that no credit card details were involved, the precise scope of the breach remains under investigation.
While Casio has not named the attackers, a ransomware group known as Underground has claimed responsibility. This group, which has been active since mid-2023, allegedly stole over 200 gigabytes of data and has started leaking some of the stolen information. Underground has ties to the Russia-based cybercrime group RomCom, known for its ransomware activities and alleged intelligence-related operations.
Casio is still working on recovering from the attack, with some of its systems still offline. The company has engaged external cybersecurity specialists to assist in restoring operations and is working closely with law enforcement agencies to manage the aftermath.
Casio urged individuals affected by the breach to remain vigilant, warning them of possible phishing and spam attacks using the compromised data.
The company emphasised the importance of refraining from spreading leaked information, as doing so could further harm those affected. While the full extent of the attack is still being evaluated, Casio is focused on safeguarding the privacy of its stakeholders and minimising further damage.
