A cyber incident that disrupted operations at a major Japanese e commerce company has now been fully assessed.
Askul Corporation has confirmed that around 740000 customer records were stolen during a ransomware attack it suffered in October. Askul is a business to business and business to consumer office supplies and logistics platform owned by a major Japanese internet group.
The attack caused a widespread IT system failure, forcing Askul to suspend shipments to customers, including large retail clients. The company has now completed its investigation into the scope and impact of the breach and disclosed the categories of data affected.
According to the findings, the compromised data includes approximately 590000 business customer service records, around 132000 individual customer service records, nearly 15000 records linked to business partners such as outsourcers and suppliers, and about 2700 records related to executives and employees, including group companies.
Askul said it has withheld specific details to prevent further misuse of the exposed information. Affected customers and partners will be informed individually. The company has also notified the national data protection authority and has put long term monitoring measures in place to prevent misuse of the stolen data.
As of December 15, shipping operations continue to face disruptions, and work to fully restore systems is still ongoing.
The ransomware attack has been claimed by the RansomHouse extortion group, which first revealed the breach on October 30. The group later released data in 2 separate leaks on November 10 and December 2.
Askul stated that the attackers gained access by using compromised login credentials belonging to an outsourced partner administrator account that did not have multi factor authentication enabled.
“After successfully achieving the initial intrusion, the attacker began reconnaissance of the network and attempted to collect authentication information to access multiple servers,” the company said in its report.
“The attacker then disables vulnerability countermeasure software such as EDR, moves between multiple servers, and acquires the necessary privileges,” it added.
The company noted that multiple ransomware variants were used, some of which bypassed updated EDR protections. The attack resulted in both data encryption and system failure, with ransomware deployed across multiple servers and backup files erased to block recovery.
In response, Askul disconnected affected networks, isolated devices, updated security tools, applied MFA across key systems, and reset all administrator passwords. The financial impact remains under review, and the company has delayed its earnings report to complete the assessment.
Also read: Viksit Workforce for a Viksit Bharat
Do Follow: The Mainstream formerly known as CIO News LinkedIn Account | The Mainstream formerly known as CIO News Facebook | The Mainstream formerly known as CIO News Youtube | The Mainstream formerly known as CIO News Twitter
About us:
The Mainstream is a premier platform delivering the latest updates and informed perspectives across the technology business and cyber landscape. Built on research-driven, thought leadership and original intellectual property, The Mainstream also curates summits & conferences that convene decision makers to explore how technology reshapes industries and leadership. With a growing presence in India and globally across the Middle East, Africa, ASEAN, the USA, the UK and Australia, The Mainstream carries a vision to bring the latest happenings and insights to 8.2 billion people and to place technology at the centre of conversation for leaders navigating the future.
