CONFERENCE On Demand: Cyber AI & Automation Summit - Watch Now
Connect with us

Hi, what are you looking for?


Data Breaches

Japanese Watchmaking Giant Seiko Confirms Personal Data Stolen in Ransomware Attack

Japanese watchmaking giant Seiko has confirmed that personal information was stolen in a recent ransomware attack.

Japanese watchmaking giant Seiko has confirmed that the ransomware attack discovered a few months ago resulted in a data breach affecting customers, business partners, and employees.

Seiko revealed on August 10 that it had identified a possible data breach in late July. The company said at the time that hackers had gained access to at least one server and its investigation showed that some information may have been compromised.   

Roughly ten days later, the ransomware group known as BlackCat and ALPHV took credit for the attack and started leaking files taken from Seiko after the company refused to respond to its extortion attempts. 

The cybercrime group claimed to have stolen over 2Tb worth of files, including employee information, production technology details, video and audio recordings of management meetings, emails, and copies of passports belonging to employees and foreign visitors. 

At the time, they threatened to leak or sell the data unless their demands were met, and in mid-September they made all the information public on their Tor-based leak website. 

Seiko released another statement on the incident on Wednesday, confirming that a total of roughly 60,000 personal data records associated with Seiko Group Corporation (SGC), Seiko Watch Corporation (SWC), and Seiko Instruments Inc. (SII) were compromised.

According to Seiko, compromised data includes SWC customer information, including names, addresses, phone numbers, and email addresses. The company says payment card information was not stolen. 

In addition, the attackers stole SGC, SWC, and SII business partner information such as name, job title, company affiliation, and company contact details.

The names and contact information of current and former employees, as well as job applicants, was also stolen by the ransomware group. 

Advertisement. Scroll to continue reading.

“As part of our ongoing response, we temporarily blocked external communication with the affected servers and have installed EDR (Endpoint Detection and Response) systems on all servers and PCs to detect unauthorized activity. We have also implemented measures such as multi-factor authentication to prevent further breaches,” Seiko said.

The cybersecurity measures implemented by Seiko in response to the incident are basic and they should be implemented by all organizations proactively, not in response to a significant data breach. 

Related: MGM Resorts Says Ransomware Hack Cost $110 Million

Related: Authorities Shut Down RagnarLocker Ransomware Infrastructure

Related: CISA Now Flagging Vulnerabilities, Misconfigurations Exploited by Ransomware

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join us as we delve into the transformative potential of AI, predictive ChatGPT-like tools and automation to detect and defend against cyberattacks.


As cybersecurity breaches and incidents escalate, the cyber insurance ecosystem is undergoing rapid and transformational change.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


A SaaS ransomware attack against a company’s Sharepoint Online was done without using a compromised endpoint.

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...


Several major organizations are confirming impact from the latest zero-day exploits hitting Fortra's GoAnywhere software.

Data Breaches

A group of hackers has leaked Atlassian employee records and floorplans, information that was obtained from third-party workplace platform Envoy.