clock menu more-arrow no yes

Filed under:

Canon also falls victim to an apparent ransomware attack

One week after Garmin paid a multimillion-dollar ransom

If you buy something from a Verge link, Vox Media may earn a commission. See our ethics statement.

Error displayed when visiting Canon’s USA website.

Just one week after Garmin recovered from a ransomware attack, data and systems belonging to Japanese tech firm Canon are reportedly now being held hostage. BleepingComputer reports that 10TB of company data has been stolen as Canon suffers widespread ongoing system outages.

More than two dozen Canon-owned domains have been affected by the outage. Canon’s USA website currently says it’s down for maintenance although its global and Japanese websites seems unaffected.

An internal email from Canon IT reportedly said that the company is experiencing “wide spread system issues affecting multiple applications, Teams, Email, and other systems may not be available at this time.” BleepingComputer also obtained a partial screenshot of the alleged ransom note sent to Canon that identifies Maze ransomeware used in the attack.

Partial ransom note from Canon attackers.
Image: Bleeping Computer

Unlike the WastedLocker ransomeware reportedly used in the Garmin attack, Maze encrypts internal systems and exfiltrates data. When contacted by BleepingComputer, the hacking group behind the Maze attack said they stole “10 terabytes of data, private databases etc” from Canon. The data could end up on data leak sites if Canon refuses to pay the ransom. Garmin reportedly paid a multimillion-dollar ransom to restore access to its systems.

When reached for comment by The Verge and asked about the veracity of BleepingComputer’s reporting, Canon said it was investigating the situation.