The breach is the second attack in six months.
Panasonic has confirmed its Canadian operations were hit by a cyberattack, less than six months after the company last fell victim to hackers.
In a statement provided to TechCrunch, Panasonic said that it was a victim of a “targeted cybersecurity attack” in February that affected some of its systems, processes and networks.
“We took immediate action to address the issue with assistance from cybersecurity experts and our service providers,” said Panasonic spokesperson Airi Minobe. “This included identifying the scope of impact, containing the malware, cleaning and restoring servers, rebuilding applications and communicating rapidly with affected customers and relevant authorities.”
The culprits: an RaaS Group that supports Russia
According to VX-Underground, a malware research group that collects malware samples and data, the Conti ransomware-as-a-service (RaaS) group has claimed responsibility for the attack. (RaaS groups typically rent out their ransomware infrastructure to others in return for a percentage of any ransom proceeds.) The gang, which has previously targeted Fat Face, Shutterfly and Ireland’s healthcare service, claims to have stolen over 2.8 gigabytes of data from Panasonic Canada. TechCrunch has seen Conti’s leak page, which purports to be sharing internal files, spreadsheets and what appears to be documents belonging to Panasonic’s HR and accounting departments.
When asked by TechCrunch, Panasonic did not dispute that the incident was the result of a ransomware attack. The company declined to say what data was accessed, nor how many people were impacted by the breach, but said that the incident only affected its Canadian operations.
“Since confirming this attack, we have worked diligently to restore operations and understand the impact to customers, employees and other stakeholders,” Minobe added. “Our top priority is continuing to work closely with affected parties to fully mitigate any impacts from this incident.”
It’s unclear whether the group — which in February had its own internal chats leaked after declaring its support for Russia’s invasion of Ukraine — made a ransom demand.