Seiko Confirms Black Cat Ransomware Attack and Data Breach

Seiko, the renowned Japanese watchmaker, has recently confirmed that it fell victim to a Black Cat ransomware attack earlier this year. This unfortunate incident has resulted in a significant data breach, compromising sensitive information of customers, partners, and personnel.

Through a thorough investigation, Seiko has determined that the attackers managed to compromise a total of 60,000 “items of personal data” across its various departments, including SGC (Seiko Group), SWC (Seiko Watch), and SII (Seiko Instruments).

On August 10, 2023, Seiko issued a public warning regarding unauthorized access to one of its servers on July 28, 2023.

Shortly after, on August 21, 2023, the BlackCat/ALPHV ransomware gang added Seiko to its extortion site, claiming to have obtained production plans, employee passport scans, new model release plans, specialized lab test results, and confidential technical schematics of existing and upcoming Seiko watches.

According to additional information that surfaced at the time, BlackCat acquired access to Seiko’s network through an initial access broker (IAB) just a day before the breach was identified.

In response, Seiko issued a follow-up statement on August 22, acknowledging the leakage of certain information related to their business partners and employees. The company assured the public that it would provide a more accurate assessment of the situation once their investigations concluded.

Data Theft Confirmed

Seiko conducted an in-depth investigation into the breach, successfully identifying all the information that was compromised by the ransomware gang.

The following types of information were confirmed to have been leaked:

• Customer information from Seiko Watch Corporation (SWC), including names, addresses, telephone numbers, and/or email addresses.
• Contact information of counterparties involved in business transactions with SGC, SWC, and/or SII, including names, company affiliations, job titles, addresses, phone numbers, and/or email addresses.
• Applicant information for employment with SGC and/or SWC, including names, addresses, phone numbers, email addresses, and educational background information.
• Personnel information, including names and/or email addresses, of both current and former employees of SGC and its group companies.

In the latest announcement, Seiko clarifies that the cybercriminals did not gain access to the credit card information of Seiko Watch customers.

Seiko is actively collaborating with cybersecurity specialists to enhance the security of its IT systems and operations throughout the network. The company is also diligently investigating the root causes of the breach and implementing targeted security measures to prevent similar incidents in the future.

Furthermore, Seiko will personally notify each affected customer, personnel member, and business partner regarding the security breach.