
Cyber Incident Victim: Sumiwa Koun Co.

Date: Jun 2022

Location: Japan

Summary

Sumiwa Koun Co., a port transport operator, experienced a ransomware attack that compromised its business server, discovered when an employee found connectivity issues. The infected server was isolated from the network, and the company engaged an external vendor for investigation while reporting the incident to authorities including the police and Personal Information Protection Commission. While server damage was confirmed, it remains uncertain whether any information was exfiltrated during the breach.

Description

On June 4, 2022, Sumiwa Koun Co., a port transport business operator, experienced a server disruption discovered at approximately 9:00 a.m. when an employee of its parent company arrived at work and was unable to connect to the business server. The company identified a ransomware infection as the cause of the outage, prompting immediate isolation of the affected server from the network to prevent further spread. Sumiwa Koun engaged an external vendor to conduct a forensic investigation into the incident’s origin and scope. The company formally reported the cyberattack to law enforcement authorities and submitted a breach notification to Japan’s Personal Information Protection Commission, indicating potential regulatory concerns regarding data exposure. No operational impacts beyond the server disconnection were explicitly detailed in available reports.

The investigation confirmed server compromise through ransomware but did not establish conclusive evidence of data exfiltration or theft. Sumiwa Koun’s public disclosure occurred months after the incident through a Security Next article published alongside reports of unrelated attacks on WDB Holdings and Atsugishi Fishery Cooperative. The delayed reporting timeline suggests internal recovery and investigative processes preceded public communication. While the ransomware attack disrupted core server functionality critical to business operations, the company’s containment response through network segregation and third-party involvement aimed to limit damage propagation. Uncertainty regarding potential information leakage remained unresolved in disclosed findings, with no supplementary evidence confirming compromise of customer or employee data.
