Japanese electronics giant Casio has confirmed that many of its systems remain unusable nearly two weeks after being hit by a ransomware attack.
Casio spokeswoman Ayuko Hara told TechCrunch on Thursday that she sees “no chance of recovery yet” as the company struggles to recover from the cyberattack.
“Beginning October 5, we experienced a system error on our servers, rendering some servers unusable,” Hara told TechCrunch, adding that the company has since taken steps to disconnect servers to prevent the damage from spreading.
“These measures are impacting order intake and placement with suppliers and product delivery schedules,” Hara said. “While recovery is not yet possible, we are putting our customers first as we pursue recovery.”
According to TechCrunch, these shipping issues appear to only affect Japanese customers, who are seeing a message saying, “Due to an issue with our product shipping system, your delivery date has not currently been determined.” Casio’s US website appears to be unaffected at the time of publication.
Last Friday, Casio said it was the victim of a ransomware attack in which attackers compromised sensitive company data and personal information of employees, contractors, business partners and job applicants. This data theft was claimed by the Underground ransomware group, which shared samples of the stolen Casio data to dark web leak sites.
Hara told TechCrunch that “the hackers left threatening messages indicating their intention to exfiltrate our data,” but Casio said it had not received any ransom demands. This means the company has not been in contact with the ransomware group, but Casio did not comment on TechCrunch’s request.
Casio does not yet know what type of data was stolen or how many individuals were potentially affected, Hara said.
“We have confirmed that certain information has been compromised and the details are still being investigated,” Hara said. “However, we are confident that our customers’ credit card information was not compromised.”
Underground, which security experts link to a Russia-linked cybercrime group known as RomCom (aka Storm-0978), claims to have stolen more than 200GB of data from Casio systems. Security researchers have linked the RomCom group to cyberattacks carried out on behalf of the Russian state.
Asked whether Casio disputes Underground’s claims, Hara said the company is “currently investigating.”
