Casio reports data breach with global impact on customers
Learn More
The Japanese electronics manufacturer Casio has reported a data breach affecting customers across 149 countries. The breach is centered around Casio's ClassPad education platform, where hackers successfully infiltrated the platform's servers.
The incident was initially detected on October 11 when a ClassPad database within the company's development environment failed. Subsequent investigation revealed unauthorized access to customers' personal information.
The compromised data includes
- customer names,
- email addresses,
- countries of residence,
- service usage details,
- purchase information,
- payment methods,
- license codes,
- order specifics.
Fortunately, Casio confirmed that no credit card information was stored within the breached database.
As of October 18, it was determined that the attackers had accessed a total of 91,921 items belonging to Japanese customers, including individuals and 1,108 educational institution customers. Additionally, they had accessed 35,049 records belonging to customers from 148 countries and regions outside of Japan.
Casio attributed the breach to a combination of network security settings being disabled and operational errors within the development environment. The company acknowledged that these factors allowed an external party to gain unauthorized access.
Despite the breach, Casio's ClassPad.net app remains operational, as the compromise was limited to the specific database within the development environment. Casio reported the incident to Japan's Personal Information Protection Commission on October 16 and is actively collaborating with law enforcement authorities to aid in the investigation.
Furthermore, the company has engaged external cybersecurity and forensics experts to conduct an internal investigation to determine the root causes of the breach and formulate effective countermeasures.
