Japanese camera giant Canon has confirmed that a ransomware attack that targeted its network in July this year resulted in the compromise of file servers that stored the personal information of present and former employees from 2005 to 2020 and their beneficiaries and dependents.
In August, Canon USA announced that it temporarily suspended both the mobile application and web browser service of image.canon after discovering that a portion of users’ still image and video image data stored in the cloud photo platform was lost.
The loss of users’ still image and video image data stored in a 10GB long-term storage database was discovered on 30th July. Even though the image.canon service was restored on 4th August, Canon said that users will not be able to download or transfer still image thumbnails in the 10GB long-term storage.
According to Bleeping Computer, while dealing with the outage, Canon also suffered a major ransomware attack carried out by hackers behind the Maze ransomware who successfully exfiltrated up to 10 terabytes of data stored in Canon’s private databases.
A message sent by Canon’s IT service centre to the company’s employees revealed that the company was experiencing “widespread system issues” affecting multiple applications, Teams, Email, and other internal systems. The cause of the system issues, however, was not revealed by the company.
In a data security incident notification posted on its website last week, Canon said the ransomware attack, which took place between 20th July and 4th August, resulted in hackers accessing file servers that contained information about current and former employees from 2005 to 2020 and their beneficiaries and dependents.
“We identified a security incident involving ransomware on August 4, 2020. We immediately began to investigate, a cybersecurity firm was engaged, and measures were taken to address the incident and restore operations. We notified law enforcement and worked to support the investigation. We also implemented additional security measures to further enhance the security of our network.
“We determined that there was unauthorized activity on our network between July 20, 2020 and August 6, 2020. During that time, there was an unauthorized access to files on our file servers. We completed a careful review of the file servers on November 2, 2020 and determined that there were files that contained information about current and former employees from 2005 to 2020 and their beneficiaries and dependents.
“The information in the files included the individuals’ names and one or more of the following data elements: Social Security number, driver’s license number or government-issued identification number, financial account number provided to Canon for direct deposit, electronic signature, and date of birth,” the company said.
Stating that it regrets that the incident was allowed to occur, Canon said it has arranged for affected present and former employees and their beneficiaries and dependents to receive a complimentary membership to Experian’s® IdentityWorks credit monitoring service that helps detect possible misuse of an individual’s information and provides the individual with identity protection services.