Canon: Ransomware Attack Exposed Employee Data
Healthcare Info Security
Canon USA has finally acknowledged that a ransomware attack earlier this year involved the theft of corporate data, including employee information.
In a Nov. 25 notification statement, the imaging company says it contacted law enforcement officials after the attack and hired a security firm to help in the investigation.
Canon now says the attackers first gained access to the network in July. While the company did not release specific details about the attack, the apparently now-defunct Maze gang claimed credit for the incident at the time and posted a small sample - about 2.5GB - of data on its darknet site as proof of the attack (see: Maze Reportedly Posts Exfiltrated Canon USA Data).
"We determined that there was unauthorized activity on our network between July 20, 2020, and August 6, 2020. During that time, there was unauthorized access to files on our file servers," according to the notification sent out Wednesday.
After concluding the ...