Panasonic Holdings has revealed that a subsidiary in Canada may have leaked internal information in a cyberattack by a ransomware computer virus that demands a ransom.
The company says that the impact is limited, such as blocking the Internet connection immediately after being attacked.
According to Panasonic Holdings, a subsidiary that sells home appliances in Canada was hit by a cyberattack in February by a ransomware computer virus that demands a ransom.
The company immediately took measures such as cutting off the Internet connection, but on the 5th, it was confirmed that information that seems to have leaked from the company was posted on the dark site on the net.
It is said that the content and scope of information that may have been leaked is being confirmed, but damage to other than this subsidiary has not been confirmed, and the impact is limited.
Regarding the ransom demand, the company states that "a direct demand has not been confirmed."
Panasonic said that the company's network was illegally accessed from June to November last year, but this time it seems to be irrelevant because the method is different.
Hacker group "Conti" declares crime
According to information security companies, a group of hackers calling themselves "Conti" claims to have targeted Panasonic's Canadian subsidiary on an online dark site.
"Conti" uses ransomware to perform cyber attacks that encrypt data such as companies and make it invisible, and if the requested ransom is not paid, it commits a crime by threatening to disclose the stolen data. It is said that there is.
According to the information security company "Mitsui Bussan Secure Direction", "Conti" has more than 6100 files stolen from the company after 6 pm on the 5th of Japan time, totaling 2.87 gigabytes of data, dark web = It is said that it was published on a dark site on the Internet.
The content is personnel, budget, and files that appear to be related to accounting.
"Conti" is characterized by the method of gradually releasing and threatening the stolen data, and claims that 3% of the total was released this time.
Conti is one of the most active ransomware hackers, claiming to have attacked more than 340 companies around the world since September last year.
Takashi Yoshikawa of Mitsui & Co., Ltd. Secure Direction said, "There are some cases where overseas bases, such as foreign subsidiaries and branches, where security tends to be weak, are attacked, which has an impact on Japan. The parent company located upstream of the supply chain. And major companies must take measures for the entire group. We want them to take thorough measures such as updating devices such as those used for remote connection and updating authentication information. "