Canon downtime due to ransomware: data leaked

Canon has been attacked by ransomware that affects many services, such as Canon email, Microsoft Teams, the US website, photo storage service, video cloud and other internal applications.

This attack results in the loss of data for users of the free storage capacity of 10 GB.

According to a company announcement released on subdamain image.canon, Canon's services ceased operations on July 30, 2020 for six days. The subdamain image.canon started displaying status updates from yesterday, August 4th.

However, the latest status update was strange as it states that while the data was lost, "there is no image data leakage."

Today, the BleepingComputer he says that Canon "is experiencing widespread system issues affecting many applications, groups, emails and other systems that may not be available at this time."

From this particular shutdown, the Canon USA website displays errors if you try to log in, as shown in the image below:

BleepingComputer also published a screenshot that supposedly shows the ransom note, and as it mentions it is a Maze ransomware.

According to BleepingComputer, the hackers claim to have stolen 10 TB of data from Canon, "10 terabytes of data, private databases, etc."

When they came in contact with the hacker he refused to give further information about the attack, such as the amount of ransom he is asking for, a proof of the stolen data and the extent of the attack.

Maze ransomware targets businesses, which is secretly distributed through a network, until it gains access to an administrator account and the Windows domain controller of the system.

During this process, the malware steals unencrypted files from servers and backups. He uploads the stolen files to his own servers.

Once it has collected anything of value ransomware starts running all over the network to encrypt all the devices.

If the victim does not pay the ransom, the hacker behind the attack will publicly release the stolen victim files.

Maze ransomware has hit many other high-profile victims in the past, including LG, Xerox, Conduent, MaxLinear, Cognizant, Chubb, VT San Antonio Aerospace, City of Pensacola, Florida and more.