Famed watchmaker Seiko has confirmed that the cyber attack it suffered in July 2023 was indeed a cybersecurity incident carried out by the infamous BlackCat ransomware gang.
In an incident report published on October 25 (the third in the series), the company said its investigation confirmed that 60,000 “personal data” had been stolen from three divisions: Group, Watch and Instruments.
The company first raised the alarm on August 10, when it said someone had accessed at least one of its servers. Two weeks later, the BlackCat ransomware group, also known as ALPHV, claimed responsibility for the attack by adding the Japanese giant to its extortion site and sharing a few samples of the data collected. The samples include production plans, employee passport scans, release plans for new models and specialized laboratory test results.
PII galore
Now the company analyzed the collected data and confirmed that BlackCat collects customer information (names, addresses, telephone numbers and/or email addresses), contact details of counterparties involved in business transactions with Group, Watch and Instruments (names, company affiliation, job title, company address, company telephone number and/or company email address), information of people who applied for vacancies (names, addresses, phone numbers, email addresses and/or educational background information) and some employee information (names, email addresses).
No customer payment information, such as credit card information, was collected, Seiko confirmed. The company said it will continue to work with cybersecurity firms to tighten the security of its systems, analyze the root cause of the breach and engage in “targeted security improvements” to ensure such an incident never happens again.
Some reports claimed that BlackCat purchased access from an initial access broker (IAB) a day before the company noticed the attack.
Seiko concluded the report by saying that everyone affected by the breach would be notified individually.
Through BleepingComputer