Canon USA may have lost a large amount of data due to ransomware attack



According to a survey published by

Bleeping Computer, a PC-related technical information website, 'Canon USA has been attacked by MAZE 's ransomware, and some private databases etc. have been lost, resulting in internal e-mails, websites, applications, etc. There may be an impact.'

Canon confirms ransomware attack in internal memo
https://www.bleepingcomputer.com/news/security/canon-confirms-ransomware-attack-in-internal-memo/

Canon's cloud platform has lost users' files – and it CAN'T restore them | Digital Camera World
https://www.digitalcameraworld.com/news/canon-websites-held-to-ransom-by-hackers

Bleeping Computer's Lawrence Abrams questioned that the data loss that occurred in the cloud platform ' image.canon ' operated by Canon ' may be due to a ransomware attack' and started an independent investigation. image.canon is a service that provides 'short-term storage storage that can store uploaded data for up to 30 days' and 'long-term storage storage that can store up to 10 GB data per user indefinitely', July 30, 2020 Some data is lost due to a long-term storage failure.

Canon announced on August 7, 2020, 'When switching the cause of data loss to a new version of software that controls the image.canon service, the program code that controls the short-term storage is the short-term storage function. And both long-term storage features worked, resulting in some loss of images stored for more than 30 days.'

Abrams directly contacted the Canon IT department regarding the presence or absence of a ransomware attack and received the following image. The image below is a message sent to the inside of Canon USA stating, 'A wide range of system issues affecting multiple applications, teams, emails, and other systems may not be available at this time.' I am.



Abrams also obtained the following screenshot that seems to be a monetary demand against Canon USA, and determined that there was a ransomware attack by MAZE from the content described.



When Mr. Abrams contacted the hacking group for the MAZE ransomware attack, he admitted that the hacking group had attacked Canon USA to steal 10 TB of data and private databases, but the requested amount, stolen data We did not reveal any information about the attack, such as evidence of. Abrams also said, 'I thought that the termination of image.canon was due to a ransomware attack, but they taught me that MAZE was not the cause.' Reported that there was no association between data loss and MAZE.

In addition, Canon announced that 'unauthorized access to image.canon was not found, and there was no leakage of images.' Of the data lost in image.canon, the video cannot be restored, and the still image can only be restored to the thumbnail image. In response to this situation, Hacker News, a social news site, is arguing that Canon's countermeasures against faults, such as 'What happened to backups' and 'Is there only replication?'

Canon's cloud platform has lost users' files and can't restore them | Hacker News
https://news.ycombinator.com/item?id=24196131

in Security, Posted by darkhorse_log