A new report has surfaced confirming what we shared last week: Canon USA has been hit by the ‘Maze’ ransomware attack, and is suffering widespread technical outages across several major websites and internally as a result.
The follow-up from Bleeping Computer both confirmed and corrected their initial report: clarifying that the ransomware attack was not related to the canon.image outage, while confirming via a leaked email that the attack did indeed happen and Canon is “investigating” the situation as we write this.
The main update to the original report came in the form of a leaked internal email, which you can see below.
“Access to some Canon systems is currently unavailable as a result of a ransomware incident we recently discovered,” reads the email. “This is unrelated to the recent issue which affected image.canon […] Cybersecurity experts who have worked with other companies that have had similar issues have been engaged.”
This should come as a relief to users of the canon.image cloud service, since it confirms that the “lost” photo and video files from the service were indeed lost, and are not among the 10TB of data that Maze claims to have stolen from Canon.
That’s hardly comforting for Canon, though, since 20+ Canon domains are still down as of this writing, including the main website for Canon USA. According to a new message that displays when you try to load some (though not all) of the affected Canon websites, Canon USA customers will need to rely on Canon Canada to access drivers and software, though repair requests look to be on hold for the US until Canon sorts this out.
In response to our request for comment on this update, we (again) received the same statement as Bleeping Computer:
We are currently investigating the situation. Thank you.
We’ll update this post if and when we hear more, but it seems Canon has been having a rough go of it for a few weeks. Between the overheating, the canon.image mix-up, and now the ransomware attack, the company’s got a lot on its plate at the moment.