Cybercrime group 'Black Suit' reveals that KADOKAWA has had 1.5TB of data encrypted in a ransomware attack
In the case of
🚨 #CyberAttack 🚨
— HackManac (@H4ckManac) June 27, 2024
🇯🇵 #Japan : KADOKAWA Corporation, a Japanese media conglomerate, has been listed as a victim by the Black Suit ransomware group.
The hackers allegedly exfiltrated 1.5 TB of data, including:
- Contracts;
- DocuSigned papers;
- Various legal papers;
-… pic.twitter.com/7c8O7SGTGy
According to information published on the dark web by Black Suit, the Black Suit attack team that infiltrated KADOKAWA's network accessed the control center and encrypted the entire network, including KADOKAWA, Dwango, Niconico Video, etc. In addition, they downloaded a total of about 1.5TB of data, including various legal documents, business plan documents, financial documents, user-related data, and project-related data.
After the encryption, Black Suit reportedly contacted Kadokawa's management and made a deal to decrypt the data.
According to Black Suit, KADOKAWA's IT department detected Black Suit's intrusion three days before the encryption and tried to kick it off the network by blocking one of the server IPs and changing the administrator's credentials, but Black Suit managed to avoid detection and the download script continued to run.
Although Kadokawa is trying to reach a settlement, it appears that Black Suit is not satisfied, as 'the amount offered is very low compared to the size of the company.'
All downloaded data is scheduled to be released on July 1, 2024.
Meanwhile, KADOKAWA made an announcement about the current situation on June 27th. As a top priority, they are working on normalizing their core accounting functions and publishing business, and they expect to restore accounting functions, including analog processing, in early July.
[Third Report] Current status of system failures and business activities within the KADOKAWA Group
(PDF file) https://tp.kadokawa.co.jp/.assets/240627_release_z3KYSyvM.pdf
Related Posts:
in Security, Posted by logc_nt