Canon may have fallen into ransomware that stole 10TB of data

Photographic equipment and printer maker Canon may have suffered large-scale ransomware in the last week. For several days, a number of domains related to the company have been down, and now a group has acknowledged authorship of the attack.

According to the website Bleeping Computer, the criminals known as Maze were responsible for the ransomware, that hijacked data, affected security, and immobilized the company’s activities. The attack would have taken down the email and videoconferencing system, several websites and even internal tools. Furthermore, 10TB of files from Canon’s storage system would have been stolen in the operation.

The source consulted by the site shared a screenshot of the supposed ransomware “rescue ticket”, but the veracity of the document has not been proven. The Maze group claims that it will distribute the 10 TB of files if an established amount is not paid. There is no information about stolen or compressed internal data. They have already claimed responsibility for other similar crimes involving giants like LG, Xerox and even the system of an entire US city.

The alleged data hijacking ticket and files with payment instructions.
The alleged data hijacking ticket and files with payment instructions.Fonte:  Bleeping Computer

Recently, the smartwatch company Garmin was also a victim of ransomware and had several operations halted for a few days until activities resumed.

Two attacks?

Interestingly, the site even reports that the image.canon cloud storage service went down between July 30th and August 4th because of a “problem” detected by the company. She guarantees that data has not been stolen, but the statement caused strangeness in the community.

The warning about failures in the hosting service.
The warning about failures in the hosting service.Fonte:  Bleeping Computer

In addition, the Maze group claims it had nothing to do with this activity, leading to speculation that Canon may have suffered two near-simultaneous attacks in recent days.

Consulted by Bleeping Computer, Canon says it is currently investigating the situation, without providing further details. Canon’s global and national website has returned to the air, but the global page remains suspended.

Previous post Tips on what to do before selling your used cell phone
Next post Security: How to find out if someone has tried to use your computer