Canon Hit By 10 Million Dollar Ransom Attack But Says Your Data Is Fine

PublishedAugust 5, 2020

We may earn a commission from links on this page.

Image for article titled The Canon Ransomware Attack Probably More Costly Than the 70-200mm You Want — Photo: Alex Cranz/Gizmodo

Just about a week after Canon rolled out a full-on cybersecurity toolkit for small businesses across the US, the fan-favorite camera company’s revealed that it’s suffered two pretty serious ransomware attacks that’ve resulted in at least 10 terabytes of company-wide data being held up for an undisclosed ransom.

Watch

The Boogeyman's Sophie Thatcher Reveals What Draws Her to Dark Characters | io9 Interview

view video

The Boogeyman's Sophie Thatcher Reveals What Draws Her to Dark Characters | io9 Interview

IMDb Changes Rating System After Little Mermaid Review-Bombed | Future Tech

Yesterday

Check out Optimus Primal and Optimus Prime Chilling in Times Square

Thursday 12:19PM

While Canon’s been pretty scant on the details of what data’s being held on the table here—and how many of its customers might be on the line—Bleepingcomputer reports that the first attack hit Canon’s internal systems, including its Microsoft teams and company email accounts, towards the tail end of last month. In the ensuing frackas, Canon ended up pulling roughly two dozen of its domains while it “investigated the issue.”

One of these domains just happened to be the site where Canon customers upload their public or not-so-public photos. For six days, the page was stuck showing status updates, before going live again yesterday, plastered with a handy company statement letting us know why they were MIA for the week:

On July 30, 2020, we identified an issue involving the 10GB long-term storage on image.canon. In order to conduct further investigation, we temporarily suspended both the mobile application and web browser service of image.canon.
After the investigation, we identified that some of the photo and video image files saved in the 10GB long-term storage prior to June 16, 2020 9:00am (JST) were lost. We confirmed that the still image thumbnails of the affected files were not affected, and there was no leak of image data.

Hmmm. So according to Canon, there wasn’t any “image data” leaked out here, despite also saying that “some of the photo and video image files” that were saved in its system were mysteriously lost.

Weirdly enough, despite the company-wide and photo-facing hacks happening around the same time, it looks like they’re unrelated since Maze—the ransomware gang behind the former heist—has said that it wasn’t one of their targets. That means that Canon is either really, really unlucky, or really, really bad at cybersecurity, or both.

We’ve reached out to Canon for additional comment and will update should we hear more, and if you have additional details reach out to me at swodinsky@gizmodo.com or anonymously via SecureDrop.