Canon is still investigating the incident but Maze ransomware group is reportedly boasting about breaking into Canon’s cyberinfrastructure.
About a week ago, Canon the camera maker found out that its cloud storage at image.canon had a glitch which was resulting in the loss of some of the user data uploaded to the service prior to June 16, 2020. Reacting to this discovery, the company suspended the service and restored it back on 4 August.
Although Canon’s statement on the other hand was that some of the images and videos have been lost, there has been no data leak. Even so, a few days later, another incident not so good for the firm occurred.
See: White hat hackers infect Canon DSLR camera with ransomware
The ordeal started when a company-wide notice was sent at 6 AM yesterday on 5 August from Canon’s IT department stating the unavailability of many services due to an unidentified issue.
This for the public also resulted in the unavailability of a number of their websites including the main USA site which displays the following note for visitors currently:
However, it turns out this is more than just an unavailability issue. According to a report by BleepingComputer, it is believed that the firm suffered a ransomware attack by infamous group Maze resulting in approximately 10TB worth of data being stolen.
In response, BleepingComputer has published a screenshot that they claim to be the ransom note left by Maze:
Talking to the ransomware operators, the researchers have revealed that the former was not willing to disclose any further details such as the amount of money demanded and the type of data stolen. Nonetheless, it has been clarified that the image and video data loss issue was not related to the ransomware.
See: Cloud hosting firm Blackbaud pays ransom even after thwarting ransomware attack
To conclude, for the future, either Canon will be forced to pay the amount demanded or Maze ransomware group may reveal all the details and data stolen publicly placing the privacy of the company’s users at risk.
For your information, the Maze ransomware group was also behind the hacking of:
US Nuclear contractor
Banco de Costa Rica card data
Top US aerospace services provider
Algeria’s state-owned oil firm Sonatrach and several other high-profile companies.
Users meanwhile can change any sensitive details belonging to their Canon accounts such as passwords that they are re-using on other sites. This would help mitigate the breach’s effects.