Kadokawa Corporation Hit by BlackSuit Ransomware Group
Incident Date:
September 10, 2024
Overview
Title
Kadokawa Corporation Hit by BlackSuit Ransomware Group
Victim
Kadokawa Co Jp
Attacker
Black Suit
Location
First Reported
September 10, 2024
Ransomware Attack on Kadokawa Corporation by BlackSuit Group
In a significant cybersecurity incident, the ransomware group BlackSuit has claimed responsibility for an attack on Kadokawa Corporation, a prominent Japanese media conglomerate. The attack, which occurred in June, has led to the alleged release of 1.5 terabytes of sensitive data, including business partner contracts, internal documents, and personal information of employees from its subsidiary, Dwango.
About Kadokawa Corporation
Kadokawa Corporation, headquartered in Chiyoda-ku, Tokyo, is a multifaceted entity in the media and entertainment industry. Formed on October 1, 2014, through the merger of the original Kadokawa Corporation and Dwango Co., Ltd., the company operates across various sectors including publishing, film production, digital content, and video games. Kadokawa is renowned for its extensive publishing operations, popular anime productions, and the operation of the video-sharing platform Niconico.
Attack Overview
The ransomware attack by BlackSuit, formerly known as Royal, has significantly impacted Kadokawa's operations. The group threatened to release the stolen data unless a ransom was paid. Kadokawa is currently collaborating with law enforcement and external cybersecurity experts to assess the breach's impact. The company has assured that no new cyberattacks have been detected and is maintaining vigilant monitoring of the situation.
About BlackSuit Ransomware Group
BlackSuit is a sophisticated ransomware group known for targeting high-profile organizations. The group employs advanced tactics, including exfiltration-based extortion, where they threaten to release sensitive data if their ransom demands are not met. BlackSuit's ability to penetrate systems often involves exploiting vulnerabilities in remote desktop protocols (RDP) and using custom backdoors to gain access to their targets' networks.
Vulnerabilities and Impact
Kadokawa's extensive digital operations and the sensitive nature of its data make it a prime target for ransomware groups like BlackSuit. The compromised data reportedly includes critical business information and personal data, which could have severe financial and reputational consequences for the company. The attack underscores the importance of comprehensive cybersecurity measures, especially for organizations handling vast amounts of digital content and intellectual property.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.