Note: As of last Friday afternoon, the Canon U.S.A. website is back online. We will provide more updates as they become available.
Add Canon U.S.A. Inc. to a growing list of major corporations that have been stung by a cyberattack.
The Melville, New York-based firm reportedly is experiencing widespread systems issues impacting multiple applications, with Microsoft Teams, email and other systems unavailable. A number of sources, including BleepingComputer, have identified the attack as being Maze ransomware. BleepingComputer obtained a partial screenshot of the ransom note. Maze told the website that it had taken “10 terabytes of data, private databases” etc., from Canon.
If Canon refuses to pay the ransom amount, which was not made public by Maze, it risks having that data exposed to the public by the attacker (see below).
Canon initially identified an issue July 30 involving the 10GB long- and short-term storage on image.canon, and during an investigation Canon temporarily suspended both the mobile application and web browser service.
In an Aug. 6, note to employees, Canon said it had contracted a third-party cybersecurity firm to investigate and aid in its recovery. The message pointed out that the systems issue was unrelated to the one that impacted image.canon.
A spokesperson for Canon U.S.A. confirmed to ENX Magazine that it was investigating the situation. However, Newsday was able to obtain further information from Christine Sedlacek, senior director and general manager of corporate communications.
“Access to some Canon systems is currently unavailable as a result of a ransomware security incident we recently discovered,” Sedlacek told Newsday. “We immediately implemented our response protocols and began an investigation.”
Sedlacek added that Canon hired cybersecurity experts who have worked with other companies similarly impacted. “We have been working nonstop to restore systems quickly, securely and appropriately. Some systems have already been restored,” she said.
At least one Canon U.S.A. site still shows the following message, directing users to the Canon Canada page:
The OEM is one of many organizations that have fallen under attack recently. Maze has reportedly been the culprit behind a number of high-visibility cyberattacks on companies such as Xerox, Pitney Bowes, LG, Chubb and Conduent.