Seiko says ransomware attack exposed sensitive customer data

Japanese watchmaker Seiko has confirmed it suffered a Black Cat ransomware onslaught earlier this year, informing that nan incident has led to a information breach, exposing delicate customer, partner, and unit information.

Seiko says its investigation confirmed that a full of 60,000 'items of individual data' held by its 'Group' (SGC), 'Watch' (SWC), and 'Instruments' (SII) departments were compromised by nan attackers.

On August 10, 2023, nan company warned that personification had gained unauthorized entree to astatine slightest 1 of its servers connected July 28, 2023.

On August 21, 2023, nan BlackCat/ALPHV ransomware gang added Seiko to its extortion site, claiming to person stolen accumulation plans, worker passport scans, caller exemplary merchandise plans, specialized laboratory trial results, and confidential method schematics of existent and upcoming Seiko watches.

Further accusation that emerged astatine nan clip suggested that BlackCat bought entree to Seiko's web from an first entree agent (IAB) a time earlier nan recognition of nan intrusion.

Seiko released a follow-up statement on August 22, acknowledging that definite accusation relating to their business partners and labor has been leaked, and committed to providing a much meticulous appraisal of nan business erstwhile their investigations conclude.

Data theft confirmed

Seiko investigated nan breach and identified each items leaked by nan ransomware gang.

The institution states that nan pursuing accusation was leaked:

• SWC (Seiko Watch Corporation) customer information, including names, addresses, telephone numbers, and/or email addresses.
• Contact accusation for counterparties progressive successful business transactions pinch SGC, SWC, and/or SII, including nan individual's name, institution affiliation, occupation title, institution address, institution telephone number, and/or institution email address.
• Information supplied by applicants for employment pinch SGC and/or SWC, including names, addresses, telephone numbers, email addresses, and/or acquisition inheritance information.
• Personnel information, including names and/or email addresses, for some existent and erstwhile labor of SGC and its group companies.

The latest announcement clarifies that nan cybercriminals did not entree nan in installments paper accusation of Seiko Watch customers.

Seiko says it will proceed to coordinate pinch cybersecurity specialists to bolster each IT systems and operations successful nan firm's network, measure nan causes of nan breach, and execute targeted information enhancements that will forestall akin incidents from occurring successful nan future.

Also, each of nan impacted customers, members of personnel, and business partners will beryllium notified astir nan information breach individually.