Japanese electronics giant Casio has confirmed that several of its systems remain unusable almost two weeks after being hit by a ransomware attack. A Casio spokesperson, Ayuko Hara, informed TechCrunch that the company sees “no prospect of recovery yet” as it continues to struggle with the aftermath of the cyberattack.
On October 5, Casio’s servers suffered a system failure, rendering many of them inoperable. The company took action to disconnect its servers to contain the damage, which has significantly disrupted its operations.
The server shutdown is affecting Casio’s ability to receive and place orders with suppliers and is also impacting its product shipment schedules. Although the shipping delays seem to be limited to Japan, where customers are informed that shipping dates are undecided, Casio’s U.S. website remains unaffected at this time. Hara reiterated that, while recovery efforts are ongoing, there is still no clear timeline for when normal operations will resume.
On Friday, Casio confirmed that it had fallen victim to a ransomware attack, resulting in the theft of sensitive company data, including personal information related to employees, contractors, business partners, and job applicants. The ransomware group Underground claimed responsibility for the attack and posted samples of the stolen data on its dark web leak site. While the group claims to have stolen over 200 gigabytes of data, Casio is still investigating the full scope of the breach.
Ransom Group Warns of Data Leak
Hara also noted that the attackers left a threatening message about leaking the stolen data but mentioned that no ransom demand had been received. Casio has not yet established contact with the ransomware group and declined to comment further on this matter. The company is still determining which types of data were stolen and how many individuals might be affected. However, Hara emphasized that no customer credit card information had been compromised.
The Underground ransomware group is reportedly linked to the Russia-based RomCom (or Storm-0978) cybercriminal group, which security researchers associate with cyberattacks carried out on behalf of the Russian state. When questioned about Underground’s claims regarding the extent of the stolen data, Hara stated that Casio is continuing its investigation.