Watchmaker now a ransomware statistic

Prominent watchmaker Seiko has publicly acknowledged a significant data breach orchestrated by the notorious BlackCat ransomware group, also referred to as ALPHV. The cyberattack occurred in July 2023, and its repercussions have shaken the Japanese giant.

The attack was specifically directed at three of Seiko’s departments: Group, Watch, and Instruments. Initially, the company raised concerns about the unauthorized access on August 10th. By the end of the month, the BlackCat ransomware collective had not only claimed responsibility but also flaunted some of the stolen data. This stolen data was showcased on their extortion site and encompassed crucial information like production plans, employee passport scans, forthcoming model release strategies, and detailed lab test outcomes.

After thorough investigation, Seiko confirmed that an alarming 60,000 items of personal data had been compromised. This breach was not limited to customer details, but also extended to business partners associated with Seiko Group Corporation, Seiko Instruments Inc., and SWC. Additionally, personal details of individuals who had applied for jobs at SGC and SWC, as well as existing and past SGC employees, were also obtained during this cyber onslaught.

The stolen data includes customer names, contact details, information of individuals linked with business transactions (comprising names, company affiliations, job titles, and company contact details), details of job applicants, and specific employee information. Fortunately, the compromised data did not encompass customer financial details, such as credit card information.

Seiko, determined to tackle this grave situation head-on, has started the process of notifying each affected individual. They have also intensified their collaboration with cybersecurity experts to bolster their defense mechanisms. The company is fervently working on comprehending the root causes behind the breach and focusing on “targeted security enhancement” to forestall any such incidents in the future.

Speculations abound regarding the modus operandi of the BlackCat group. Some sources suggest that BlackCat might have procured access through an initial access broker (IAB) just a day before Seiko detected the intrusion.

Interestingly, this incident closely trails another similar breach experienced by Casio, another eminent Japanese watch manufacturer, earlier this year. It underscores the escalating threats posed by cybercriminals to global enterprises, emphasizing the imperative need for robust cybersecurity measures.