Ransomware Cyberattack Hits Canon, Allegedly Steals Over 10TB Data

Canon has allegedly been hit by a Maze ransomware cyberattack which has impacted the company’s email, Microsoft Teams, US website, and other internal applications. According to BleepingComputer, the attack has also resulted in over 10TB of stolen data.

August 4 message

The source notes that image.canon site suffered an outage on July 30th, 2020, and over six days, the site would show status updates until it went back in service yesterday, August 4th. However, the final status update was strange as it mentions that while data was lost, “there was no leak of image data.” 

Canon it notice

Today, the source received an image of a company-wide notification titled “Message from IT Service Center” that was sent at approximately 6 AM this morning from Canon’s IT department.

This notification states that Canon is experiencing “wide spread system issues affecting multiple applications, Teams, Email, and other systems may not be available at this time.”

As part of this outage, Canon USA’s website is now displaying errors or page not found errors when visited.

Since then, BleepingComputer has obtained a partial screenshot of the alleged Canon ransom note, which we have been able to identify as from the Maze ransomware.

After contacting the ransomware operators, the source was told by Maze that their attack was conducted this morning when they stole “10 terabytes of data, private databases etc” as part of the attack on Canon.

Meanwhile, Canon has now said in a statement that they are “currently investigating the situation.”