Cyber Incident Victim: Canon

On or around August 6, 2020, Canon experienced a ransomware attack that disrupted multiple critical services across its operations. The company confirmed the incident through an internal memo distributed to employees, acknowledging the compromise of its email systems, Microsoft Teams collaboration platform, the Canon USA website, and various internal applications. The attack caused operational interruptions affecting communication channels and digital services essential for daily business functions. Concurrently, Canon’s image.canon cloud photo and video storage service suffered a suspicious outage, which BleepingComputer had been monitoring prior to the official confirmation. This outage specifically impacted users of the platform’s free 10GB storage tier, resulting in confirmed data loss for some subscribers. The ransomware incident coincided with these service disruptions, though the exact relationship between the cloud storage outage and the broader attack was not explicitly detailed in available internal communications.

Canon initiated response measures to address the attack, focusing on restoring affected systems and mitigating further damage. The company did not publicly disclose the ransomware variant involved, the initial attack vector, or whether data exfiltration occurred beyond the operational disruptions. Recovery efforts prioritized reinstating core services such as email and internal applications to minimize business interruption. The image.canon service outage remained a visible consequence, with the loss of user data underscoring the attack’s tangible impact on customers. No ransom demands or threat actor identities were revealed in the internal memo or subsequent public reports available at the time. The incident highlighted vulnerabilities in Canon’s infrastructure, though the company provided no further technical specifics regarding the duration of downtime, full scope of compromised systems, or long-term remediation steps beyond immediate containment actions.