Canon has reported a ransomware attack on its operations through an internal memo to its employees. The attack was claimed to be done by the Maze ransomware group but didn’t provide any detail for verification. Yet, over 10GB data was stolen affecting its domains and internal works. The company also has been affected with image.canon platform, which was different from the former incident.
Canon Reports Ransomware Attack on Its Systems
Initially, as BleepingComputer reported, Canon’s image.canon was down for about six days starting July 30th. The company has been giving updates regularly but didn’t mention the root cause of it specifically. But on August 4th, Canon said that after investigation, they found some files belonging to customers stored on the platform were lost.
But, no images were stolen, and the thumbnails of all of them are available. This raised suspicion when they mentioned about not being stolen! The image.canon site/app is a cloud storage service provided by Canon to its customers, where they can store the images or videos upto 10GB limit.
While more details of this incident weren’t known yet, Canon has reported another incident through an internal memo sent by its IT Service Center, where it said: “widespread system issues affecting multiple applications, Teams, Email, and other systems may not be available at this time.” While it didn’t explain who exactly Infected, BleepingComputer reported it to be the Maze ransomware group.
They have contacted the Maze group to learn that about 10TB worth data was stolen from Canon’s private databases today morning. They didn’t share any samples, proof or the number of systems affected. But, they mentioned that outage of image.canon was done by them. Canon hasn’t replied when asked for more information but said it’s working with external cybersecurity experts to resolve the issue.