Multinational corporation Canon reportedly fell victim to a ransomware attack launched by Maze group against its email and storage services and it’s U.S. website on July 30th. Maze has threatened to leak the pics and data if a crypto ransom is not paid.
The image.canon site was out for six days during which it showed updates. It went back into service on August 4th. Canon put out a statement that day about the attack saying there had been no leak of image data, nor thumbnails of the photos stored in the cloud service.
However the severity of the attack was confirmed on August 5 by BleepingComputer which said the ransomware gang claimed it had managed to steal almost 10 TB of photos, files and other data. The publication reported a notification sent by Canon’s IT department through their company-wide network that confirmed that “widespread system issues” affected multiple applications.
Unusually, Maze said its attack had not caused the six day outage.
Speaking with Cointelegraph, Brett Callow, threat analyst at malware lab Emsisoft, confirmed that the well-known Maze ransomware gang is behind the cyberattacks against the Japanese multinational:
“Whether that includes customers’ photos and videos that were stored in Canon’s long-term storage is impossible to say. Canon does state that some photos and videos were lost, so it seems likely that Maze did have access to that area of the network.”
Callow adds that ransomware used to mainly affect smaller businesses, but larger enterprises are now falling victim with increasing frequency.
Emsisoft’s experts believe that the chance of data being stolen in a particular ransomware attack is now greater than one in ten, quoting a recent study published by the malware lab.
Recently, a US-based independent advisory firm specializing in the consumer and retail sectors was a victim of Maze. They have a number of big clients including former Spice Girl, Victoria Beckham.