Japanese electronics conglomerate Panasonic has reported that its Canadian operations were struck by a “targeted” cyberattack – less than six months after it was hit by another cyber incident.
Panasonic confirmed that the cyberattack which occurred in February, affected some of its systems, processes, and networks.
“We took immediate action to address the issue with assistance from cybersecurity experts and our service providers,” a spokesperson said in a statement to TechCrunch. “This included identifying the scope of impact, containing the malware, cleaning and restoring servers, rebuilding applications and communicating rapidly with affected customers and relevant authorities.”
Malware research group VX-Underground found that it was the Conti ransomware gang that claimed responsibility for the cyberattack on Panasonic Canada. The group has been offering its malware as ransomware-as-a-service (RaaS), allowing other threat actors to rent the malware infrastructure in exchange for a percentage of the ransom proceeds.
Conti claimed that it has stolen some 2.8 GB of data from Panasonic Canada. To confirm this claim, TechCrunch checked Conti’s leak page, which alleges that it has internal files, spreadsheets, and documents from Panasonic’s HR and accounting departments.
Panasonic has declined to reveal what type of data may have been accessed, nor how many individuals whose information may have been affected by the breach. But the company told TechCrunch that the cyberattack only affected its Canadian operations.
“Since confirming this attack, we have worked diligently to restore operations and understand the impact to customers, employees and other stakeholders,” the Panasonic spokesperson continued. “Our top priority is continuing to work closely with affected parties to fully mitigate any impacts from this incident.”
In November last year, Panasonic revealed that its network was “illegally accessed by a third party” and that some of the data on a file server “had been accessed during the intrusion.” Later, in January 2022, the company confirmed that hackers had accessed the personal data of job candidates.
