Canon reportedly suffers ransomware attack where 10TB of data was stolen

Share on facebook
Share on twitter
Share on linkedin
Share on email

Last week Garmin suffered unexpected outages to many of its online services, with it later reported that the company suffered a ransomware attack, eventually acquiescing to the demands of hackers.

Now it appears as if Canon has suffered a similar fate, with Bleeping Computer reporting that the US side of the camera makers business has hit by a Maze ransomware attack.

At the time of writing, Canon cannot corroborate the report, but the company has said it is investigating the situation, which does not bode well.

In terms of what has been impacted by this attack, it is believed that as many as two dozen Canon-owned sites are down, resulting in widespread system outages. Canon’s IT department has reportedly told the publication that it is currently experiencing, “wide spread system issues affecting multiple applications, Teams, Email, and other systems may not be available at this time.”

Added to this is Bleeping Computer noting that up to 10TB of user data may have been stolen. It remains to be seen what information is contained within said stolen data, but an alleged ransom note suggests that Canon has been given three days to comply with the attackers demands.

Precisely how much they are demanding is unclear, but Garmin is said to have paid a multi-million dollar ransom, so the attackers will likely look for similar compensation.

Whether Canon will comply remains to be seen, but it shows once again that COVID-19 and lockdown has proved highly lucrative for cybercriminals.

“The ransomware attack on Canon is yet another example of the Maze gang’s sustained and brazen targeting of enterprises. Following other recent high profile attacks, this latest salvo should be a wake-up call to all the enterprises who haven’t taken the time to assess their security posture and bolster their defenses against these pernicious adversaries,” said senior security adivsor at Sophos, John Shier.

“Enterprises must take the time to ensure they’ve built a strong security foundation, which includes investment in both prevention and detection technologies today if they don’t want to be a victim tomorrow,” the advisor added.

As this is a developing story, we’ll be sure to share updates once the situation becomes clearer.

[Image – Photo by Owen Young on Unsplash]

Robin-Leigh Chetty

Robin-Leigh Chetty

Editor of Hypertext. Covers smartphones, IoT, 5G, cloud computing and a few things in between. Also a keen photographer and dabbles in console games when not taking the hatchet to stories.