Cyber Incident Victim: Hoya Corporation
Date: Feb 2019
Location: Thailand
Summary
Hoya Corporation experienced a cyberattack targeting its Thailand production facility, causing a three-day partial shutdown of factory operations. Approximately 100 systems were compromised by malware designed to harvest credentials, which investigators assessed as preparatory activity for a thwarted secondary attack phase intended to hijack computing resources for cryptocurrency mining. The company successfully contained the incident before the cryptojacking payload could be deployed, preventing unauthorized use of its infrastructure for blockchain validation processes. Operational disruptions were confined to the affected manufacturing site.
Description
In late February 2019, Hoya Corporation, a Japanese eyeglass lens manufacturer, experienced a cyberattack targeting its key production facility in Thailand. The incident involved approximately 100 company computers being infected with malicious software designed to steal user credentials, including IDs and passwords. Company officials stated this initial infection was identified as a preparatory stage for a secondary attack phase intended to deploy cryptocurrency mining malware. Hoya's cybersecurity measures successfully intercepted and prevented this subsequent malware deployment before it could activate. The attack caused significant operational disruption, forcing a partial shutdown of factory production lines at the Thai facility for three consecutive days as the company worked to contain the incident.

The cyberattack's primary impact centered on manufacturing disruptions at Hoya's Thailand production base, though the company did not disclose specific financial losses or production volume reductions. According to Hoya's analysis, attackers sought to exploit compromised systems for cryptocurrency mining, a process in which hijacked computing resources perform complex calculations to generate digital currency, rewarding the perpetrators with monetary value. No customer data breaches or external data exfiltration were reported in connection with the incident. Hoya publicly confirmed the attack on April 6, 2019, nearly six weeks after its occurrence, through statements from company officials acknowledging the operational interruption and successful prevention of the cryptocurrency mining phase. The company did not attribute the attack to any specific threat actor or disclose remediation timelines beyond the three-day production disruption.
