Popular camera manufacturer Canon has finally come to the conclusion that it was hit by a pretty far-reaching ransomware attack back in August.
In the attack, sensitive employee data was stolen from Canon’s servers. The company issued a data security incident notice last week. In the notice, Canon explained that a security incident that involved ransomware was identified on August 4th. Canon claims to have taken the necessary steps to address the incident and to restore operations.
The appropriate authorities have been notified and a criminal investigation has initiated. Also, Canon has contracted with an IT security firm for assistance in the investigation.
The investigation so far has shown that hackers responsible for the breach accessed the company’s network illegally between July 20th and August 6th.
This backdoor-access enabled the hackers to obtain information about the company’s former and current employees that worked at the company from 2005 to the present day. The data breach also contained information about the employees’ dependents and beneficiaries.
The data that was stolen has some pretty sensitive information in it. Things like names, dates of birth, and social security numbers. It doesn’t stop there, though. Also included are bank account details, electronic signatures, and driver’s license numbers.
News outlets are reporting that the ‘Maze’ ransomware group is behind the attack. All in all, it is estimated that over 10TB of data was stolen from Canon’s servers.