Last week, we reported that Canon was attacked by the Maze ransomware. The attack reportedly affected Canon email, Microsoft Teams, the company's US website, and other internal applications.
Operators of the Maze ransomware claimed that they attacked Canon on the morning of August 5 and stole more than 10 terabytes of data from the company, including private databases.
Now the journalists of the publication Bleeping computer reported that Maze operators began publishing information previously stolen from the company on their website. At the same time, earlier journalists believed that Canon paid the ransom to the cybercriminals, since the company managed to restore the operation of many systems in a very short time, but now the hackers have begun publishing the stolen data, and we can conclude that they did not receive the ransom.
So far, the attackers claim that they have posted only 5% of the stolen information on their website. The published file is a 2.2 GB STRATEGICPLANNINGpart62.zip archive. According to the publication, it includes marketing materials, videos, as well as files related to the site of the affected company.
Bleeping Computer claims that the files do belong to Canon's US division, but the archive does not contain any financial information, employee information, or other sensitive data.