Two of the following incidents occurred in June; the first one is recent:
WDB Holdings Co. Ltd confirms ransomware attack
WDB Group (WDB Holdings) issued the following statement on August 2:
Since August 1, 2022, we have been experiencing an issue that prevents us from accessing the mail system and file servers of our group’s IT system. We have confirmed that a ransomware attack was done by a third party, and have suspended the operation of our internal network. We apologize for the inconvenience and concern caused to our customers and related parties. We also apologize for the time to report the issue, as we prioritized recovery work.
Currently, our information system department is taking the lead in carrying out recovery work and investigating the cause.
Also, we have confirmed that there is no information leakage such as leakage of personal information due to this issue.
We will immediately request an external IT system specialist company to investigate the scope of damage and identify the route of intrusion together with our information system department. We will communicate the results of the investigation once it is complete.
We apologize for any inconvenience this may cause to our customers and related parties, and we do appreciate your understanding.
Malware attack on Atsugishi Fishery Cooperative mail-order store
Security Next reports (machine translation):
The Atsugishi Fishery Cooperative Association has revealed that customer information on the store’s mail order site, Auroko, may have been leaked to outside parties due to infection by the malware Emotet.
According to the cooperative, it was discovered that one of the computers used by the direct sales store was infected with the malware “Emotet” and mail data stored inside the terminal may have been leaked to outside parties.
The possible leakage included e-mails sent from the direct sales store to customers on the mail order site and e-mails from customers inquiring about the company. The data included names, addresses, telephone numbers, and e-mail addresses.
The incident occurred in June and the closed mail order site is scheduled to reopen on August 12.
Read more at Security Next
Sumiwa Koun Co. server damaged by ransom, but uncertain as to whether information was leaked
Security Next reports (machine translation):
Sumiwa Koun, which operates a port transport business, has revealed that the server it uses for its business has suffered a cyber attack.
According to the company, at around 9:00 a.m. on June 4, an employee of the parent company came to work and found that his computer was unable to connect to the server.
The server was found to be infected with ransomware and was quarantined from the network. An investigation was conducted by an outside vendor, the damage was reported to the police, and a report was made to the Personal Information Protection Commission.
Read more at Security Next. Although the incident occurred in June, it was just reported now on Security Next.