Connect with us

Hi, what are you looking for?



Canon Says Data Stolen in August 2020 Ransomware Attack

Imaging and optical giant Canon this week revealed that data was stolen in a ransomware attack it fell victim to in early August 2020.

Imaging and optical giant Canon this week revealed that data was stolen in a ransomware attack it fell victim to in early August 2020.

The incident, discovered on August 4, resulted in threat actors having access to Canon’s network between July 20 and August 6.

Leveraging this access, the adversary obtained specific files “that contained information about current and former employees from 2005 to 2020 and their beneficiaries and dependents,” Canon U.S.A. reveals.

Compromised information, the company says, includes names, along with data such as date of birth, Social Security number, driver’s license number, financial account number, government-issued identification number, and electronic signature.

“We wanted to notify our current and former employees and their beneficiaries and dependents of this incident and to assure them that we take it seriously,” Canon notes.

The ransomware family used in this attack was likely Maze, revealed a leaked ransom note that BleepingComputer got hold of in August.

The cybercriminals behind Maze are known for stealing victims’ data in an effort to convince them to pay the ransom, and they even put up a site where data of victims unwilling to pay is made public.

The attack targeting Canon was disclosed to employees within days, a screenshot of an internal message showed. In that message, the company noted that the ransomware attack was unrelated to an outage that affected a portion of long-term storage on, a cloud service for storing photos and videos.

Advertisement. Scroll to continue reading.

At the time, Canon said that, while some files stored in the affected long-term storage were lost, no data leak occurred. In an update published on August 7, the company said that no unauthorized access to was identified.

The Maze ransomware’s operators announced in early November that they closed shop. The group, which claimed to have engaged in ransomware attacks to prove organizations’ poor security practices, is believed to have made millions from its illegal operations.

Related: Pioneers of “Double Extortion” Say Maze Ransomware Project is Over

Related: Maze Ransomware Caused Disruptions at Cognizant

Related: Ransomware Operators Claim They Hacked LG

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn about active threats targeting common cloud deployments and what security teams can do to mitigate them.


Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...