Cyber Incident Victim: Fujipoly
Date:
May 2025
Location:
Hong Kong
Summary
The overseas subsidiary of Fujipoly experienced a ransomware infection following external unauthorized access, which caused a server to stop functioning and data to be encrypted; the company responded by halting the server’s specifications and isolating it from the network, then conducted security checks on all endpoints and confirmed no abnormalities. The affected server held only general data, business operations remained unaffected, and the company stated it would disclose any further developments.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 0 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On May 26, 2025, the overseas subsidiary FUJIPOLY Hong Kong Ltd. (FPHK) experienced a sudden loss of server functionality. An investigation determined that the cause was external unauthorized access. During the intrusion, an actor executed ransomware that encrypted data stored on the affected server. The company disclosed the incident publicly on June 3, 2025, through a press release and a notice on its website. The notice indicated that the unauthorized access occurred in the morning of May 26.
Upon discovering the ransomware infection, FPHK immediately halted the server’s specifications and disconnected the compromised system from the network. All endpoints across the subsidiary were subjected to a comprehensive security check. The verification process confirmed that no terminal exhibited any abnormalities after the check. The company stated that the affected server contained only general data and did not support core business or operational functions.
As a result of the isolation and verification, FPHK reported that business operations and day‑to‑day activities remained unaffected. Fujipoly indicated that it would promptly disclose any additional facts that emerged concerning the incident. The provided contact email for inquiries is [email protected]. No further details about the ransomware variant, threat actor, or data loss were disclosed in the available sources.