Newsfrom Japan
Tokyo, Dec. 13 (Jiji Press)—Askul Corp., a Japanese retailer specializing in office supplies, has disclosed a ransomware cyberattack first detected in October, resulting in the unauthorized exposure of approximately 740,000 data sets linked to individual customers, corporate clients, and employees. The breach includes around 590,000 data sets primarily associated with the company’s office supply services for businesses, while roughly 130,000 pertain to its e-commerce platform, “Lohaco,” serving individual consumers.
Significantly, Askul confirmed that there has been no indication of leaked credit card information from individual customers and stated that the company did not fulfill any ransom demands from the attackers. This incident marks the first occasion the company has publicly reported the scale of the data compromise.
In response to the incident, Askul has formally notified the Personal Information Protection Commission regarding the confirmed data breach and is proactively reaching out to affected customers and business partners to provide them with necessary updates.
The incident underscores growing cybersecurity concerns in Japan, with businesses increasingly becoming targets for cybercriminals. Utilizing frameworks such as the MITRE ATT&CK Matrix, it is likely that adversary tactics involved in this attack could include methods for gaining initial access, along with maintaining persistence within the network, and potentially escalating privileges to navigate the systems undetected.
As the global landscape for cyber threats continues to evolve, companies are reminded of the importance of implementing rigorous cybersecurity measures. The Askul incident serves as a reminder that even established firms are not immune to cyber threats, and the ramifications of such attacks extend far beyond immediate data loss.
[Copyright The Jiji Press, Ltd.]
