Casio Admits Ransomware Attack Exposed Employee and Client Data

Casio Computer Co., Ltd. has revealed that it fell victim to a ransomware attack earlier this month, resulting in a partial system outage and the exposure of sensitive data.

The attack, which affected the company’s internal servers, compromised personal information of employees, business partners, and some customers. Although Casio has yet to confirm the source of the attack, the “Underground” ransomware group claimed responsibility yesterday.

The incident first came to light on October 5, 2024, when a system failure rendered several of Casio’s servers inoperable. Following an internal investigation, the company discovered signs of unauthorized access, leading them to suspect a ransomware attack. In response, Casio quickly shut down the affected servers and enlisted external security specialists to perform a forensic analysis. Despite these efforts, several critical systems remain unusable, impacting both the company and its affiliates.

According to the company’s latest announcement, the breach resulted in the potential exposure of various types of data:

• Personal information of Casio employees, including temporary and contract staff.
• Data belonging to employees of affiliated companies.
• Personal information of job applicants who had previously interviewed with Casio.
• Information about certain customers, although Casio assured that credit card details were not compromised.

Additionally, confidential internal documents — including legal, financial, and technical records — may have been accessed, along with information related to contracts, invoices, and sales with past and current business partners. Casio has warned affected individuals to remain vigilant against phishing attempts and spam emails, which may result from the data leak.

Casio, a prominent player in the electronics industry, is best known for its wide range of products including calculators, watches, musical instruments, and cameras. The breach represents a significant threat to both the company's reputation and the privacy of its partners and customers. Casio operates across numerous regions and sectors, meaning the fallout from this incident could have wide-reaching implications.

The company took immediate action after discovering the unauthorized access, consulting with police on October 6 and notifying Japan’s Personal Information Protection Commission on October 7. By October 9, the firm had submitted reports to relevant authorities. Casio has also formed a task force to restore its internal systems and prevent further damage, though the full scope of the breach remains under investigation.

While the ransomware group “Underground” claimed responsibility for the attack and also leaked the stolen files in full, Casio has not yet confirmed who attacked them.

Casio urges anyone potentially affected by the breach to be wary of unsolicited emails, especially those that request personal information or contain suspicious links, and report such incidents to the authorities to help track and mitigate the misuse of leaked data.