Canon allegedly hit by Maze ransomware, 10TB data stolen1 min read . Updated: 06 Aug 2020, 01:39 PM IST
- Canon's IT service has reportedly sent a company-wide notification regarding widespread system issues affecting multiple applications and services
NEW DELHI: After last week's outage at Canon's cloud storage service-- image.canon--the Japanese company is now believed to have been hit by a ransomware attack which has impacted services such as internal emails, Teams, multiple websites and applications, according to Bleeping Computer.
Mint has reached out to Canon and is waiting for more details on this.
Canon's IT service has reportedly sent a company-wide notification regarding widespread system issues affecting multiple applications and services. Bleeping Computer has access to the notification.
As of now, Canon US website is unavailable.
It is now believed that the attack was the handiwork of Maze ransomware operators, who have stolen 10TB of data and have threatened to publish all of it online if the company doesn't pay in 10 days.
Maze ransomware operators have denied any role in last week's outage at image.canon.
Probing last week's outage, Canon had found that some photo and video image files saved in the 10GB long-term storage prior to June 16, 2020, 9:00am (JST) were lost. Canon had confirmed that there was no leak of image data.
After the issue was resolved, image.canon service resumed on 4 August.
Several large organisations including Cognizant and Xerox have been targeted by Maze ransomware in the last few months.
The operators behind Maze steal valuable company data before disrupting their operations. The stolen data is then used to exercise leverage and force companies into paying.
"The ransomware attack on Canon is yet another example of the Maze gang's sustained and brazen targeting of enterprises. Many of these attacks start by exploiting external services or simple phishing campaigns. The successful campaigns will often be followed by living-off-the-land techniques, abusing over-privileged and under-protected accounts, and hiding in plain sight," said John Shier, senior security advisor, Sophos.