Japanese watchmaker Seiko has confirmed it suffered a Black Cat ransomware attack earlier this year, warning that the incident has led to a data breach, exposing sensitive customer, partner, and personnel information.
Seiko says its investigation confirmed that a total of 60,000 ‘items of personal data’ held by its ‘Group’ (SGC), ‘Watch’ (SWC), and ‘Instruments’ (SII) departments were compromised by the attackers.
On August 10, 2023, the company warned that someone had gained unauthorized access to at least one of its servers on July 28, 2023.
On August 21, 2023, the BlackCat/ALPHV ransomware gang added Seiko to its extortion site, claiming to have stolen production plans, employee passport scans, new model release plans, specialized lab test results, and confidential technical schematics of existent and upcoming Seiko watches.
Further information that emerged at the time suggested that BlackCat bought access to Seiko’s network from an initial access broker (IAB) a day before the identification of the intrusion.
Seiko released a follow-up statement on August 22, acknowledging that certain information relating to their business partners and employees has been leaked, and committed to providing a more accurate assessment of the situation once their investigations conclude.
Data theft confirmed
Seiko investigated the breach and identified all items leaked by the ransomware gang.
The company states that the following information was leaked:
- SWC (Seiko Watch Corporation) customer information, including names, addresses, telephone numbers, and/or email addresses.
- Contact information for counterparties involved in business transactions with SGC, SWC, and/or SII, including the individual’s name, company affiliation, job title, company address, company phone number, and/or company email address.
- Information supplied by applicants for employment with SGC and/or SWC, including names, addresses, phone numbers, email addresses, and/or educational background information.
- Personnel information, including names and/or email addresses, for both current and former employees of SGC and its group companies.
The latest announcement clarifies that the cybercriminals did not access the credit card information of Seiko Watch customers.
Seiko says it will continue to coordinate with cybersecurity specialists to bolster all IT systems and operations in the firm’s network, assess the causes of the breach, and perform targeted security enhancements that will prevent similar incidents from occurring in the future.
Also, each of the impacted customers, members of personnel, and business partners will be notified about the security breach individually.