Security News > 2020 > November > Canon publicly confirms August ransomware attack, data theft
Canon has finally confirmed publicly that the cyberattack suffered in early August was caused by ransomware and that the hackers stole data from company servers.
In a public announcement on Wednesday evening, Canon says that the data accessed by the attacker included employees' names, Social Security number, date of birth, the number for the driver's license number or government-issued ID, the bank account number for direct deposits from Canon, and their electronic signature.
Shortly after the attack, Maze ransomware told BleepingComputer that they had stolen from Canon 10 terabytes of data and private databases before detonating the file-encrypting malware on August 5.
Canon issue and the general Canon USA outage caused by the attack were unrelated.
While it took three months to confirm the ransomware attack publicly, Canon admitted the nature of the security incident to its employees in an internal security notice on August 6.
News URL
Related news
- Kidney dialysis firm DaVita hit by weekend ransomware attack (source)
- Ahold Delhaize confirms data theft after INC ransomware claims attack (source)
- Interlock ransomware gang pushes fake IT tools in ClickFix attacks (source)
- Interlock ransomware claims DaVita attack, leaks stolen data (source)
- Ransomware attacks are getting smarter, harder to stop (source)
- Hitachi Vantara takes servers offline after Akira ransomware attack (source)
- Marks & Spencer breach linked to Scattered Spider ransomware attack (source)
- Ukrainian extradited to US for Nefilim ransomware attacks (source)
- US indicts Black Kingdom ransomware admin for Microsoft Exchange attacks (source)
- Co-op confirms data theft after DragonForce ransomware claims attack (source)