Cyber Incident Victim: 株式会社上條器械店
Date: Jun 2023
Location: Japan
Summary
Kamijo detected unauthorized external access to its network. In response, the organization promptly disconnected affected servers and severed network connections to contain the impact. An investigation is underway with external experts to determine the cause and assess any potential data breach. The company has apologized for the concern caused and has established a dedicated contact channel for affected parties.
Description
On the morning of June 14, 2023, an external unauthorized access incident was discovered within the network of Kamijo Co., Ltd. (株式会社上條器械店). The company, which operates under the brand KAMIJO, identified that its servers had been subjected to this illicit access. In immediate response to this discovery, the company took swift action to contain the potential impact of the breach. This initial response involved the proactive shutdown of servers that were assessed as having a high possibility of being affected by the intrusion. Furthermore, the company executed a complete disconnection of its network segments to isolate the threat and prevent any potential lateral movement by the threat actor or further data exfiltration.

Following these containment measures, the company embarked on a detailed investigation to determine the full scope and consequences of the incident. The primary objectives of this investigation were to identify the specific systems and data that may have been compromised, to understand the methods used by the attacker to gain access, and to ascertain whether any sensitive information had been exfiltrated. To ensure a thorough and expert analysis, Kamijo engaged external cybersecurity specialists to assist in the forensic investigation. This collaboration was aimed at leveraging specialized skills to uncover the root cause of the breach and to evaluate the potential for data leakage.

The investigation was a multi-phase process beginning with the identification of the affected range. The company worked to meticulously trace the attacker's activities within its network to understand the entry point, the duration of access, and the systems interacted with. This process was critical for mapping the potential impact on both internal operations and external stakeholders. While the initial public announcement on June 19, 2023, did not confirm any specific data theft, it explicitly acknowledged the possibility that information may have been leaked and stated that determining this was a core focus of the ongoing inquiry.

Concurrently with the investigative work, recovery operations were initiated. The restoration of affected systems proceeded only after the scope of the incident was sufficiently understood to ensure that remediation efforts would not inadvertently reintroduce threats into the environment. The company prioritized a secure and methodical return to normal operations over speed, ensuring that systems were cleansed and fortified before being brought back online. Throughout this period, the company maintained a commitment to transparency with its stakeholders, promising to provide updates on its website as significant new information was confirmed.

The company recognized the significant concern and inconvenience the incident caused to its business partners and customers. To address these concerns directly, Kamijo established a dedicated customer inquiry center. This channel was designed to provide a direct line of communication for affected parties seeking information. The contact center was made available via a specific telephone number, 0263-58-2263, and an email address, [email protected], with operating hours from 9:00 to 18:00 on weekdays, excluding Saturdays, Sundays, and national holidays. The public announcement served both as an official notification of the incident and as a formal apology for the worry and disruption it engendered. The company’s response strategy encompassed technical containment, forensic investigation, system recovery, and stakeholder communication, focusing on resolving the incident and mitigating its effects.
