Askul Confirms Theft Of 740k Customer Records In Ransomware Attack

Japanese e-commerce giant Askul Corporation has confirmed that RansomHouse hackers stole around 740,000 customer records in the ransomware attack it suffered in October.

Askul is a large business-to-business and business-to-consumer office supplies and logistics e-commerce company owned by Yahoo! Japan Corporation.

The ransomware incident in October caused an IT system failure, forcing the company to suspend shipments to customers, including the retail giant Muji.

The investigations into the incident’s scope and impact have now been concluded, and Askul says that the following types of data has been compromised:

Askul noted that exact details have been withheld to prevent exploitation of the compromised information, and that affected customers and partners will be notified individually.

Also, the company has informed the country’s Personal Information Protection Commission about the data exposure and established long-term monitoring to prevent misuse of the stolen information.

Meanwhile, as of December 15, order shipping continues to be impacted, and the company is still working to fully restore systems.

The attack on Askul has been claimed by the RansomHouse extortion group. The gang initially disclosed the breach on October 30 and followed up with two data leaks on November 10 and December 2.

Askul has shared some details about how the threat actors breached its networks, estimating that they leveraged compromised authentication credentials for an outsourced partner’s administrator account, which lacked multi-factor authentication (MFA) protection.

"After successfully achieving the initial intrusion, the attacker began reconnaissance of the network and attempted to collect authentication information to access multiple servers," reads the automated translation of Askul's report.

Source: BleepingComputer