HQ/EMEAFind out how we can help your business
A recent hack of KADOKAWA Corporation, a well-known Japanese media company that produces video games, movies, and books, has been attributed to the BlackSuit ransomware gang. The ransomware group has demanded a ransom and threatened to release the stolen data if the demand is not fulfilled.
The cyberattack, which happened on June 8, disrupted KADOKAWA’s business operations. The company stated that the cyberattack was the reason behind “multiple websites of the KADOKAWA Group are currently experiencing service outages” approximately three weeks ago.
Due to the fact that all of the compromised systems were housed in the same data centre and were later encrypted by ransomware, the incident has had a significant negative influence on the business’s operations as well as those of its subsidiaries, including the well-known Japanese video-sharing platform Niconico. All Niconico services are still suspended, according to a recent update, and the majority of its activities are still impacted.
Since the attack, KADOKAWA has been regularly updating on the cyberattack’s impact on its infrastructure.
KADOKAWA is responding to the incident by aiming to provide a secure network and server environment. Restoring the accounting functions, which are critical to the company’s operations, and normalising the production and distribution procedures within its publishing business—two crucial revenue streams—are its top priorities. The company hopes to be able to start up accounting again by the beginning of July, using both digital and analogue methods.
Up until recently, KADOKAWA has only acknowledged the existence of a ransomware attack without identifying the specific ransomware operation that was behind it. By including KADOKAWA on their data leak website and releasing a small sample of the stolen material, the BlackSuit ransomware gang has finally acknowledged responsibility. The cybercriminals have threatened to expose all of the stolen material, including contacts, private documents, employee information, business plans, and financial data, if the ransom is not paid by July 1.
Considered a rebranding of the Royal ransomware operation, the BlackSuit ransomware operation first surfaced in May 2023. The operators are believed to be the members of the organised cybercrime syndicate Conti, which was a gang of cybercriminals from Eastern Europe and Russia.
A high-profile attack against CDK Global was recently carried out by BlackSuit, which severely disrupted auto dealerships throughout North America. Strong cybersecurity defences and quick incident responses are essential to lessening the effects of cyberattacks like the one the BlackSuit ransomware gang poses.
