Threat Watch

Stolen Canon Data Now Being Published

Last week the image.canon website from Canon USA suffered a service outage, fueling speculation that a ransomware attack had occurred. Although it was not clear whether the website service outage was related, the fact that a ransomware attack occurred has been confirmed. The operators behind Maze claimed responsibility for the attack, telling BleepingComputer that they had stolen over 10TB worth of data from the company. Since then, the company has admitted the attack to employees internally and began recovering systems quickly. When victims of a ransom refuse to pay, many ransomware operators like Maze now publish or sell the stolen data in some form. Maze has recently updated their website to add “5%” of the stolen data in a zip file containing marketing material, videos and files relating to Canon’s website.

Subscribe to Threat Watch

Daily summaries of threats, delivered straight to your inbox!


Click Here to Subscribe to Threat Watch

ANALYST NOTES

Dealing with ransomware has become an extremely tricky situation due to the trend of data theft before encryption. Binary Defense strongly recommends never paying the ransom demands and instead restoring files from backups. When planning for backups it is important not only to make backups at regular intervals but also to utilize the 3-2-1 rule. Have at least three copies of your data, store the copies on at least two different devices, and keep at least one copy offsite. To prevent attackers from stealing data requires continuous monitoring of systems to recognize attacks in the early stages, investigate to understand the scope of the intrusion and quickly cut off attackers’ access.

Source: https://www.bleepingcomputer.com/news/security/canon-usas-stolen-files-leaked-by-maze-ransomware-gang/

Facebook Twitter Instagram Youtube Linkedin
Solutions
Become a Reseller

Industries

Resources

About

Contact Us
Contact Support