Our Daily Breach: Casio Clubbin'
Murdoc breaks the rules and talks about the Casio breach even though they asked us not to.
Last year the Underground ransomware gang stole 200GB worth of data from Casio. The weird part of the story is that Casio posted a dedicated page (that's still up) explaining, yeah we got owned, but don't tell anyone. No really, that's what they asked:
Please refrain from spreading this information through social media, etc., as it could increase the damage caused by the leak of information on this case, violate the privacy of those affected, have serious effects on their lives and businesses, and encourage crime.
Read that sentence again. They're the ones hosting a public website, asking you to not share the information because it will could cause more harm.
For what it's worth I don't think it's an unreasonable ask, it's just a weird one and I emailed Casio a month ago to get some answers as to why they chose this bold approach. They have not responded.
In a rare twist of events, Casio, a publicly traded company, followed up with the public on what happened in January 7th, 2025, just 88 days after the initial incident was disclosed.
They provide a surprisingly helpful breakdown of what happened and who was impacted by the breach. It was mostly employee data. Only 91 Casio customers were impacted and you're probably not one of them. The only thing I found odd in this report was the word "reasonable":
Following consultation with law enforcement agencies, outside counsel and security experts, Casio has not responded to any unreasonable demands from the ransomware group that carried out the unauthorized access.
Someone is going to have to enlighten me on what a reasonable demand from a ransomware group is. With statements like this, you gotta worry about Casio - they are so sweet, so innocent. So adorable with their "Please do not share". So what is Casio's reward for taking the time to investigate and publish their findings unlike every other private company I've reported on so far?
OH YOU HAVE TO BE F*CKING KIDDING ME
This is could just be a limited sample size, but I'll be honest with you chat, I'm starting to feel like the lesson here is: if you a big company and you get owned, don't acknowledge the problem, then stock go up, cuz maths.
