The Maze ransomware group has attacked multinational corporation Canon, which stole its email and storage services and its US website on July 30, as Maze has threatened to leak the pics and data if a crypto ransom is not paid.
It has been reported that the image.canon site was out for six days during which it showed updates. It went back into service on August 4.
However, Canon put out a statement that day about the attack saying that there had been no leak of image data, nor thumbnails of the photos stored in the cloud service.
The severity of the attack was confirmed on August 5 by BleepingComputer which said that the ransomware gang claimed it had managed to steal almost 10 TB of photos, files, and other data.
The publication reported a notification sent by Canon’s IT department through their company-wide network that confirmed that “widespread system issues” affected multiple applications.
It has been analyzed that unusually, Maze said that its attack had not caused the six day outage.
Brett Callow, the threat analyst at malware lab Emsisoft, confirmed that the well-known Maze ransomware gang is behind the cyberattacks against the Japanese multinational.
“Whether that includes customers’ photos and videos that were stored in Canon’s long-term storage is impossible to say. Canon does state that some photos and videos were lost, so it seems likely that Maze did have access to that area of the network.”
Callow added that ransomware used to mainly affect smaller businesses, but larger enterprises are now falling victim to increasing frequency.
Thus, he believes that the chance of data being stolen in a particular ransomware attack is now greater than one in ten by quoting a recent study published by the malware lab.