Imaging solutions company Canon recently suffered an outage which may be caused by ransomware, said infosec site Bleeping Computer. Allegedly, about 10TB of data from multiple services have been stolen.
According to Bleeping Computer, Canon’s newly released image.canon cloud storage service had a suspicious outage on July 30, 2020. This incident resulted in the loss of data users stored in the company’s free 10GB offer.
Canon released constant updates from the start of the outage until the service went back online on August 4, 2020.
However, Bleeping Computer noted a “strange” remark in its update saying that “some of the photo and video image files saved in the 10GB long-term storage... were lost.” Nevertheless, the company indicated that “there was no leak of image data.”
The infosec online publication investigated the matter on the suspicion of a ransomware attack. It was able to obtain information from an unnamed source who shared a company-wide memo stating that Canon is facing “wide spread system issues affecting multiple applications, Teams, Email, and other systems.”
The report showed a list of Canon domains affected by the incident including canonusa.com, usa.canon.com, and canconhelp.com.
Maze Ransom Note
The team’s investigation led them to a partial screenshot of what appears to be a ransom note from attackers who identified themselves as associated with Maze ransomware, a human-operated outfit that targets enterprises.
The note read, “We hacked your network and now all your files, documents, photos, databases, and other important data are safely encrypted with reliable algorithms.” The reported note offered to release the data if the company contacts them immediately.
The attackers also threatened to leak info about the breach within 3 days and the stolen data within 7 days.
Bleeping Computer got in touch with the hackers who claimed that they store 10TB of data, private databases, and other similar info. It was also revealed that the attack occurred on the morning of August 5, 2020.
The Maze attackers, however, denied any links to the earlier outage on Canon’s cloud storage service.
Forbes reached out to the company regarding this matter. A spokesperson remarked that they are in the process of probing the issue. Bleeping Computer also received the same response when it contacted the firm.
Meanwhile, Maze has victimized a number of enterprises including LG, Xerox, MaxLinear, Chubb, and even government websites such as the City of Pensacola, Florida.
