Renowned Japanese watchmaker Seiko has suffered a major data breach following a ransomware attack by the BlackCat and ALPHV cybercriminal group. The breach, which was first detected in July 2023, led to the theft of over 2Tb of sensitive data, including employee records, production technology insights, management meeting recordings, emails, and passport copies.
Following the company's refusal to meet extortion demands, the cybercriminals made all the stolen data publicly available on a Tor-based website in mid-September. The compromised data spanned across Seiko's subsidiaries - Seiko Group Corporation, Seiko Watch Corporation (SWC), and Seiko Instruments Inc., affecting approximately 60,000 personal data records. These records included SWC customer information, business partner details, and employee records.
Seiko's incident report from Tuesday confirmed that the breach encompassed diverse data types such as customer and business contacts, job applicant records, production plans, passport scans, new model release plans, and specialized lab test results. However, no credit card data was compromised in the breach.
The BlackCat ransomware group, also known as ALPHV, claimed responsibility for the attack on its extortion site and shared samples of the stolen data. Reports suggest that BlackCat used an initial access broker (IAB) to gain entry before Seiko detected the breach.
In response to this significant breach, Seiko has undertaken robust cybersecurity measures to strengthen its defenses against future attacks. These measures include installing Endpoint Detection and Response (EDR) systems on all servers and PCs for unauthorized activity detection and enforcing multi-factor authentication.
Seiko is currently working with cybersecurity firms to enhance its security protocols further. As part of its remediation efforts, the company is notifying impacted parties individually about the breach and the potential risks associated with it.
This article was generated with the support of AI and reviewed by an editor. For more information see our T&C.