In a significant cybersecurity incident, Casio has revealed that an October 2024 ransomware attack compromised personal data of approximately 8,500 individuals. The breach primarily affected employees and business partners, with a smaller number of customers impacted.
Impact Overview:
– Employees (6,456): Personal details including names, employee numbers, email addresses, and tax information
– Business Partners (1,931): Contact information and company details
– Customers (91): Delivery information and purchase details
– Additional compromised data included internal documents, contracts, and meeting materials
The Underground ransomware group claimed responsibility for the October 5 attack, which caused an IT systems outage. The attackers threatened to release confidential information unless a ransom was paid. Casio confirmed they did not negotiate with the cybercriminals and consulted with law enforcement agencies and security experts.
Current Status:
– Most services have been restored to normal operation
– No secondary damage reported to affected individuals
– Customer databases and credit card information remained secure
– Personalized notices being sent to impacted individuals
While CASIO ID and ClassPad.net platforms were not affected by this ransomware attack, these services experienced a separate security breach in October 2024. The company continues to work on recovering remaining affected services and maintaining transparency with stakeholders.