Kadokawa faces major major ransomware attack

On 8 June, Kadokawa, a Japanese media conglomerate, reported a data security incident on its website, stating that multiple servers within the Kadokawa Group had become inaccessible. In response, the company promptly shut down the affected systems and investigated to determine the incident’s nature and scope.

The ongoing investigation revealed various services, including Niconico, Kadokawa’s official website, and the e-commerce site ‘ebten,’ were impacted. Kadokawa is also looking into potential information leaks resulting from the incident.

Subsequent updates from Kadokawa confirmed that the disruption was caused by a large-scale cyberattack involving ransomware. Emergency measures were taken, such as shutting down servers and forming a task force to assess the damage, identify the cause, and restore operations. The ransomware attack primarily targeted Niconico’s systems, Japan’s popular video-sharing service, as well as affected the company’s payment system, leading to payment delays for some business partners.

The BlackSuit ransomware group claimed responsibility for the attack on Kadokawa and listed the company as a victim on its data leak site. The group alleges to have stolen over 1.5TB of confidential data and threatened to publish it on 1 July unless ransom demands were met.

Kadokawa acknowledged the hacker group’s claims and stated that they are investigating the possibility of data leakage with external cybersecurity experts. The company reassured stakeholders that no credit card information of customers, including Niconico users, is stored in their systems, ensuring that such data remains secure.