Askul confirms theft of 740k customer records in ransomware attack

Published:

15 December 2025 at 23:13:44

Alert date:

16 December 2025 at 00:01:26

Source:

bleepingcomputer.com

Ransomware & Malware, Data Breach & Exfiltration, Enterprise Applications

Japanese e-commerce giant Askul Corporation confirmed that RansomHouse hackers stole approximately 740,000 customer records in a ransomware attack that occurred in October. The incident shows that ransomware groups continue to target large corporations and their customer databases, and that customers' personal information remains at risk in such attacks.

Technical details

RansomHouse threat actors gained initial access through the compromised authentication credentials of an outsourced partner's administrator account that lacked multi-factor authentication (MFA). The attackers conducted network reconnaissance, collected authentication information to access multiple servers, disabled EDR and other vulnerability countermeasure software, and moved laterally between servers to acquire the necessary privileges. Multiple ransomware variants were deployed simultaneously across multiple servers, some evading updated EDR signatures. The attack resulted in data encryption, system failure, and deletion of backup files to prevent recovery. Approximately 740,000 customer records were stolen, including business customer service data (590,000 records), individual customer service data (132,000 records), business partner data (15,000 records), and employee data (2,700 records).
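The sequence described above (EDR disabled, then backup files deleted, on several servers at once) can be turned into a correlation rule. The following Python example is added here for illustration and is not from the original advisory or from Askul; the event names, host names and time windows are hypothetical, and the sample events are constructed.

```python
from datetime import datetime, timedelta

# Constructed sample events: (timestamp, host, event). The event names are
# hypothetical labels, not the log schema of any real EDR or backup product.
SAMPLE_EVENTS = [
    ("2030-01-01 02:01:10", "srv-app01", "edr_agent_stopped"),
    ("2030-01-01 02:03:45", "srv-app01", "backup_deleted"),
    ("2030-01-01 02:02:00", "srv-db02", "edr_agent_stopped"),
    ("2030-01-01 02:06:30", "srv-db02", "backup_deleted"),
    ("2030-01-01 09:00:00", "srv-web03", "backup_deleted"),     # rotation, EDR untouched
    ("2030-01-01 01:00:00", "srv-log04", "edr_agent_stopped"),  # maintenance restart
    ("2030-01-01 01:01:00", "srv-log04", "edr_agent_started"),
    ("2030-01-01 03:00:00", "srv-log04", "backup_deleted"),
]

def parse(ts):
    return datetime.strptime(ts, "%Y-%m-%d %H:%M:%S")

def suspicious_hosts(events, window=timedelta(minutes=15)):
    """Return {host: time} for hosts whose backups were deleted while EDR was down."""
    edr_down_since = {}  # host -> time the EDR agent stopped (absent if running)
    hits = {}
    for ts, host, event in sorted(events, key=lambda e: parse(e[0])):
        when = parse(ts)
        if event == "edr_agent_stopped":
            edr_down_since[host] = when
        elif event == "edr_agent_started":
            edr_down_since.pop(host, None)
        elif event == "backup_deleted":
            down = edr_down_since.get(host)
            if down is not None and when - down <= window:
                hits.setdefault(host, when)  # keep the first hit per host
    return hits

def coordinated(hits, spread=timedelta(minutes=10), min_hosts=2):
    """True when at least min_hosts were hit within one spread-sized window."""
    times = sorted(hits.values())
    return any(
        sum(1 for t in times[i:] if t - start <= spread) >= min_hosts
        for i, start in enumerate(times)
    )

if __name__ == "__main__":
    hits = suspicious_hosts(SAMPLE_EVENTS)
    print(sorted(hits), "coordinated:", coordinated(hits))
```

A backup deletion with EDR still running, or after the agent has restarted, is not flagged, which keeps routine rotation and maintenance out of the alert.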

Mitigation steps:

Apply multi-factor authentication (MFA) to all key systems
Reset passwords for all administrator accounts
Physically disconnect infected networks
Cut communications between data centers and logistics centers
Isolate affected devices
Update EDR signatures
Establish long-term monitoring to prevent misuse of stolen information
Notify affected customers and partners individually
Report to relevant data protection authorities

Affected products:

Askul Corporation e-commerce platform
EDR (Endpoint Detection and Response) systems

This article was created with the assistance of AI technology by Perceptive.

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

This website displays information originating from external sources; Perceptive accepts no responsibility for the accuracy, completeness or timeliness of this information.