Company says a ransomware infection reached its network

Nov 27, 2020 15:48 GMT  ·  By

Canon has officially acknowledged a security incident that took place in August, explaining that a ransomware infection reached its network and very sensitive data was exposed.

Canon says the unauthorized activity happened between July 20 and August 6, so hackers had access to data stored on the company’s servers for some two weeks.

The firm says it conducted an investigation with the help of a security vendor and discovered that files stored on the servers included information about current and former employees from 2005 to 2020, as well as beneficiaries and dependents.

A lot of sensitive details have been, including Social Security number, driver's license number or government-issued identification number, financial account number provided to Canon for direct deposit, electronic signature, and date of birth.

“We wanted to notify our current and former employees and their beneficiaries and dependents of this incident and to assure them that we take it seriously.  As a precaution, we have arranged for them to receive a complimentary membership to Experian's IdentityWorks credit monitoring service. This product helps detect possible misuse of an individual's information and provides the individual with identity protection services,” Canon explains.

All systems restored, the police contacted too

Canon says all devices have been restored after the ransomware infection and law enforcement has also been contacted.

“We remind you it is always advisable to be vigilant for incidents of fraud or identity theft by reviewing your account statements and free credit reports for any unauthorized activity. You may obtain a copy of your credit report, free of charge, once every 12 months from each of the three nationwide credit reporting companies,” Canon explains.

At the time of writing, Canon is yet to reveal the ransomware infection that compromised its network. The hacking group behind the attack is also unknown.