Cyber Incident Victim: 株式会社KADOKAWA
Date:
Jun 2024
Location:
Japan
Summary
KADOKAWA experienced a cybersecurity incident involving unauthorized external access to its group servers, causing widespread service disruptions across multiple websites including Nico Nico Services, its official corporate site, and the Ebten platform. The company promptly shut down affected systems to preserve data integrity and initiated internal investigations confirming a likely cyberattack. While assessing potential data breaches, the organization is collaborating with external cybersecurity experts and law enforcement to determine the full scope of impact and restore operations, with updates promised as new information emerges.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On June 8, 2024, Kadokawa Group experienced a widespread disruption affecting multiple websites and services. The incident began in the early morning hours when the company detected inaccessible servers across its infrastructure. Kadokawa promptly initiated emergency protocols, shutting down affected servers to preserve data integrity. An internal investigation conducted the same day concluded that unauthorized external access to the servers likely caused the outage, with a high probability of cyber attack involvement. The disruption impacted several critical platforms, including the Nico Nico video service ecosystem, Kadokawa’s corporate website, and the Ebten e-commerce platform. Company representatives publicly acknowledged the incident, apologizing to customers, business partners, and stakeholders for the inconvenience and concern caused by the service interruptions. Technical teams prioritized system protection and restoration efforts to minimize operational impact across the group’s digital properties.
Kadokawa confirmed ongoing investigations into potential data exfiltration while maintaining affected systems offline during forensic analysis. The company engaged external cybersecurity specialists and law enforcement to expand the scope of its investigation beyond initial internal assessments. No conclusive evidence regarding data compromise had been established at the time of their initial public statement. Restoration timelines remained unspecified as technicians worked to determine the full extent of system vulnerabilities exploited in the attack. Kadokawa committed to providing further updates upon verifying new material facts about the incident’s scope or consequences. Operational recovery efforts focused on verifying system integrity before reactivating services to prevent secondary compromises. The company maintained its apology stance throughout the initial response phase while refraining from speculating about attack origins or motives pending completed investigations.