Casio acknowledged that some network security settings in the development environment were disabled due to an operational error, leading to unauthorized external access.
Casio, the Japanese electronics manufacturer, has publicly revealed a data breach that impacted customers from 149 countries. Hackers infiltrated the servers of Casio’s ClassPad education platform.
Casio first noticed the incident on Wednesday, October 11, when a database related to ClassPad experienced an outage within the company’s development environment. Evidence indicates that the intruder accessed customers’ personal information just a day later, on October 12.
The exposed data includes customer names, email addresses, countries of residence, service usage details, and purchase information, which encompasses payment methods, license codes, and order specifics. Importantly, Casio confirmed that the compromised database did not store credit card information.
As of October 18, the attackers accessed 91,921 items belonging to Japanese customers, including individuals and 1,108 educational institution customers. Additionally, 35,049 records of customers from 148 countries and regions outside Japan were affected.
Casio stated, “We have confirmed that some of the network security settings in the development environment were disabled due to an operational error by the department responsible and due to inadequate operational management. Casio believes that these factors allowed unauthorized external access.”
Security Measures Post Previous Breach
Despite the compromised database being currently “inaccessible to external entities,” it has not disrupted the regular operation of the ClassPad.net app. Furthermore, Casio promptly reported the incident to Japan’s Personal Information Protection Commission on Monday, October 16, and is actively collaborating with law enforcement authorities in their breach investigation. In addition, they’re also working closely with external cybersecurity and forensics experts to uncover the root causes and formulate countermeasures in response to the breach.
In early August, a threat actor called “thrax” claimed to have leaked over 1.2 million user records on the BreachForums cybercrime forum. These records were allegedly obtained from an older casio.com database via a Remote Desktop Services (RDS) server, including data dating up to July 2011, AWS keys, and database credentials.
Related stories:
