Canon loses 10TB data in massive ransomware attack: Details here
After Garmin, Japanese tech giant Canon, known for its professional cameras around the world, appears to have fallen victim to a major ransomware attack. The company, according to a report in BleepingComputer, has lost access to as much as 10TB of its data and is currently witnessing outages across a range of its services. Here is all you need to know about it.
Dozens of domains, internal services witnessing outage
Evidently, more than two dozen Canon-owned domains, including the company's US website and help desk, have gone down and are displaying an 'undergoing maintenance' message. Meanwhile, an internal company memo has also informed the employees that Canon USA is experiencing "widespread system issues, affecting multiple applications, [Microsoft] Teams, Email, and [that] other systems may not be available at this time."
Maze ransomware used in the attack
While initially Canon did not issue a statement regarding what was wrong with its services, BleepingComputer managed to obtain a ransom note suggesting it has been hit by a cyber-attack through Maze ransomware. In that note, the attackers claimed that they have stolen private internal files, documents, photos, and databases from the company's network and will release them publicly if not paid on time.
10TB data taken, the hackers claim
In response to BleepingComputer, the hacking grouping behind the ransomware claimed that they have stolen "10 terabytes of data, private databases, etc." in the attack, but denied providing any specific proof. Canon, on its part, has now confirmed the security incident, admitting that the company is suffering the effects of a ransomware attack. Its services also remain down, at the time of writing.
Maze ransomware has targeted some big organizations
The attack against Canon comes mere days after the hack that prompted GPS tech provider Garmin to pay $10 million. However, unlike the WastedLocker malware used in Garmin's case, Maze attacks by spreading laterally through a network, stealing data, and encrypting the system hosting it. Previously, it has been used in attacks against giants like Cognizant, LG, Xerox, Conduent, MaxLinear, and Chubb.