Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack
October 11, 2024
Casio Computer Co., Ltd. (hereinafter referred to as the Company) announced System Failure due to Unauthorized Access to Our Network on its website on October 8, 2024. Subsequently, it was discovered that our servers had been damaged by a third-party ransomware attack, and resulted in the leakage of personal information and confidential internal information held by the Company and its affiliated companies.
We deeply apologize for the concern and inconvenience this may cause to our customers and other concerned parties.
Suspension of Service, etc.
On October 5, a system failure occurred on some of our servers, rendering several systems unusable. After investigating the incident, we confirmed that the servers showed signs of unauthorized access. In response, we requested an outside security specialist to conduct a forensic investigation. On the same day, we took measures to shut down the servers that had suffered unauthorized access from the internet and our internal network, since we suspected a cyber attack using ransomware.
As a result, some important systems within the Company and its affiliated companies have become unusable, and some services have also been affected.
The full extent of the damage is still under investigation, but the Company has set up a task force and is currently working diligently to quickly restore internal systems and resume operations.
We apologize to our customers for any concern and inconvenience this may cause.
Leakage of Personal Information, etc.
We are still conducting an investigation, with the assistance of outside security experts, to determine the information on the Company and its affiliated companies that may have been leaked and the scope of the impact, etc.
The Company consulted with the police on October 6 and with the Personal Information Protection Commission on October 7, and reported the matter by October 9.
<Personal information, etc. that may have been leaked> (as of today)
- Personal information of our employees (including temporary and contract employees)
- Part of personal information of a part of the employees of affiliated companies
- Personal information of business partners of the Company and some of its affiliated companies
- Personal information of certain individuals who have interviewed for employment with us in the past.
- Information about some customers who use services provided by the Company and some of affiliated companies (Credit card information is not included.)
* The CASIO ID and ClassPad.net service systems used for our apps and services run on a different server from the one that affected by this unauthorized access and are not affected by this incident.
* The online sales services provided by the Company and its affiliated companies do not hold customers' credit card information.
<Other information on possible information leaks> (as of today)
- Information related to contracts, invoices, sales, etc. with current and past business partners of the Company and certain of its affiliated companies.
- Internal documents containing legal, financial, human resources planning, audit, sales and technical information of the Company and its affiliated companies.
All of the above cases are currently under investigation.
Please be aware that there is a possibility that your personal information may be misused to send you unsolicited e-mails such as phishing e-mails or spam e-mails. If you receive any suspicious e-mails, please do not open it and delete it.
Request from the Company
Please refrain from spreading this information through social media, etc., as it could increase the damage caused by the leak of information on this case, violate the privacy of those affected, have serious effects on their lives and businesses, and encourage crime.
In the event of the sending of spam emails or related fake information, slander against those who have been the targets of the leaked information, employees of the Company and its affiliated companies, or other nuisance behavior, we will work closely with the police to respond strictly, protect the privacy and safety of all those involved, and strive to minimize secondary damage.
We apologize again to our customers, business partners, and all other concerned parties for any concern and inconvenience this may cause.
We take this situation very seriously, and we will do our utmost to prevent a recurrence by investigating the cause and further strengthening and thoroughly implementing our information security system.
Dedicated contact for inquiries regarding this matter
Customer Service : cs-enquiry@casio.co.jp