[BreachExchange] Stolen Canon data published online by Maze ransomware group

Destry Winant destry at riskbasedsecurity.com
Fri Aug 14 08:29:54 EDT 2020


https://www.itproportal.com/news/stolen-canon-data-published-online-by-maze-ransomware-group/

 A cybercriminal group operating under the name Maze has released some
of the data stolen from camera manufacturer Canon earlier this month.

The Japanese multinational corporation confirmed it had suffered a
ransomware on August 5, but managed to restore most of its services
relatively quickly, leading to speculation the firm had paid the
ransom.

However, given a portion of the stolen data has ended up online, it
appears the firm has refused to negotiate with the attackers.

Maze published a single .zip file weighing 2.2GB, entitled
“STRATEGICPLANNINGpart62“, which the cybercriminal group said this
represents approximately five percent of all the stolen data.

According to Bleeping Computer, which analyzed a small sample of these
documents, the files seem to originate from the company’s US business
and relate to marketing activities.

To date, no financial or personally identifiable information belonging
to Canon has been published online.

Lately, ransomware operators have taken to lifting corporate data as
well as encrypting systems.

This practice became popular after an increasing number of companies
started regularly backing up their data, setting up advanced antivirus
systems and outright refusing to pay the ransom.


More information about the BreachExchange mailing list