The North American subsidiary, Canon USA, focused on the photography and optical sector, has reported a cybersecurity incident caused by ransomware that has compromised information regarding current and former employees (from 2005 to 2020) and their beneficiaries and dependents, along with certain subsidiaries.
After detecting unauthorised activity on file servers from 20th of July onwards, the ransomware was identified on 4th of August. At that moment, measures were taken to limit its impact, an investigation was launched and law enforcement authorities were notified.
The information affected includes: personal names, social security number, driver's license number or identification number issued by government, bank account number provided to Canon, electronic signature and date of birth.
Currently, it is known that the cyberattack was led by the cybercrime group, Maze. Canon, for its part, is offering free monitoring services to affected users in order to detect non-legitimate use of their data on the website.