Canon suffers a Maze Ransomware attack, 10TB worth of Users' data stolen

Joanna Estrada
August 8, 2020

However, a seemingly contradictory statement raises questions: in their statement, Canon claimed that "some" photo and video image files were "lost".

"After the investigation, we identified that some of the photo and video image files saved in the 10GB long-term storage prior to June 16, 2020 9:00am (JST) were lost".

Multinational corporation Canon reportedly fell victim to a ransomware attack launched by Maze group against its email and storage services and it's US website on July 30th.

If you work at Canon or know someone working there with first-hand information on this incident, you can confidentially contact us on Signal at +16469613731.

The ordeal started when a company-wide notice was sent at 6 AM yesterday on 5 August from Canon's IT department stating the unavailability of many services due to an unidentified issue.

While Canon's been pretty scant on the details of what data's being held on the table here - and how many of its customers might be on the line - Bleepingcomputer reports that the first attack hit Canon's internal systems, including its Microsoft teams and company email accounts, towards the tail end of last month.

As part of this outage, Canon USA's website is now displaying errors or page not found errors when visited. Canon has also posted a note on its website stating the suspension of its mobile app and Web browser service. The attack was from the Maze ransomware, who stated that they stole, "10 terabytes of data, private databases, etc", for their attack on Canon.

Unusually, Maze said its attack had not caused the six day outage.

Once they have harvested the network of anything of value and gain access to a Windows domain controller, Maze will deploy the ransomware throughout the network to encrypt all of the devices. Maze has threatened to leak the pics and data if a crypto ransom is not paid. They have also been responsible for other high profile attacks in the past as well, so we will have to wait and see how the situation develops further.

Update 8/5/20: Article updated to reflect that the outage was not related to the Maze ransomware attack.

Other reports by Click Lancashire

Discuss This Article