Canon USA may have lost a large amount of data due to ransomware attack
PC-related technical information websiteBleeping ComputerAccording to the survey results released byMAZERansomware attack, and some private databases have been lost, possibly affecting internal e-mail, websites, applications, etc.”
Canon confirms ransomware attack in internal memo
Canon's cloud platform has lost users' files – and it CAN'T restore them | Digital Camera World
Lawrence Abrams of Bleeping Computer is a cloud platform operated by Canon.image.canonI wondered if the data loss that occurred in "is due to a ransomware attack," and I started my own investigation. image.canon is a service that provides "short-term storage that can store uploaded data for up to 30 days" and "long-term storage that can store up to 10 GB of data per user indefinitely", July 30, 2020 Some data is lost due to a long-term storage failure.
CanonAnnounced on August 7, 2020Then, when switching the cause of data loss to a new version of software that controls the image.canon service, the program code that controls the short-term storage function works with both the short-term storage function and the long-term storage function. As a result, some of the images stored for 30 days or more were lost."
Abrams directly contacted the Canon IT department regarding the presence or absence of a ransomware attack and received the following image. The image below is a message sent to the inside of Canon USA stating, "A wide range of system issues affecting multiple applications, teams, emails, and other systems may not be available at this time." I am.
Abrams also obtained the following screenshot that seems to be a monetary demand against Canon USA, and determined that there was a ransomware attack by MAZE from the content described.
When Mr. Abrams contacted the hacking group for the MAZE ransomware attack, he admitted that the hacking group had attacked Canon USA to steal 10 TB of data and private databases, but the requested amount, stolen data We did not reveal any information about the attack, such as evidence of. Abrams also said, "I thought that the termination of image.canon was due to a ransomware attack, but they taught me that MAZE was not the cause." Reported that there was no association between data loss and MAZE.
In addition, Canon announced that "unauthorized access to image.canon was not found, and there was no leakage of images." Of the data lost in image.canon, the video cannot be restored, and the still image can only be restored to the thumbnail image. In response to this situation, Hacker News, a social news site, has been arguing over how Canon's fault countermeasures were, "what happened to backups?" "Is there only replication?"
Canon's cloud platform has lost users' files and can't restore them | Hacker News