Multinational corporation Canon reportedly fell victim to a ransomware attack launched by Maze group against its email and storage services and its United States website on July 30. Maze has threatened to leak the pics and data if a crypto ransom is not paid.
The image.canon site was out for six days, during which it showed updates. It went back into service on Aug. 4. Canon put out a statement that day about the attack, saying there had been no leak of image data, nor thumbnails of the photos stored in its cloud service.
However, the severity of the attack was confirmed on Aug. 5 by BleepingComputer, which said the ransomware gang claimed it had managed to steal almost 10 TB of photos, files and other data. The publication reported a notification sent by Canon’s IT department through their company-wide network that confirmed “widespread system issues” had affected multiple applications.
Unusually, Maze said its attack had not caused the six-day outage.
Speaking with Brett Callow, threat analyst at malware lab Emsisoft, confirmed that the well-known Maze ransomware gang is behind the cyberattacks against the Japanese multinational:
“Whether that includes customers’ photos and videos that were stored in Canon’s long-term storage is impossible to say. Canon does state that some photos and videos were lost, so it seems likely that Maze did have access to that area of the network.”
Callow added that ransomware is used to affect mainly smaller businesses, but larger enterprises are now falling victim with increasing frequency.
Emsisoft’s experts believe that the chance of data being stolen in a particular ransomware attack is now greater than one in 10, quoting a recent study published by the malware lab.
Recently, a U.S.-based independent advisory firm specializing in the consumer and retail sectors was a victim of Maze. They have a number of big clients including former Spice Girl Victoria Beckham.