Olympus, a number one medical know-how firm, is investigating a “potential cybersecurity incident” that impacted a few of its EMEA (Europe, Center East, Africa) IT techniques final week.
Olympus has greater than 31,000 workers worldwide and over 100 years of historical past growing for the medical, life sciences, and industrial gear industries.
The corporate’s digital camera, audio recorder, and binocular divisions have been transferred to OM Digital Options, which has been promoting and distributing these merchandise beginning with January 2021.
Buyer safety not affected by the assault
“Olympus is at present investigating a possible cybersecurity incident affecting restricted areas of its EMEA (Europe, Center East, Africa) IT techniques on September 8, 2021,” the corporate said in a statement printed Saturday, three days after the assault.
“Upon detection of suspicious exercise, we instantly mobilized a specialised response workforce together with forensics specialists, and we’re at present working with the very best precedence to resolve this situation.
“As a part of the investigation, we’ve suspended knowledge transfers within the affected techniques and have knowledgeable the related exterior companions.”
Olympus additionally stated that it is engaged on discovering the extent of the injury ensuing from this assault and can share additional information as quickly as it’s out there.
Christian Pott, firm spokesperson chargeable for Olympus company issues, additionally instructed BleepingComputer that buyer safety and repair weren’t affected by the incident.
“The help, service and safety of our buyer has the very best precedence and isn’t effected by this case,” an Olympus spokesperson instructed BleepingComputer when contacted by way of e-mail.
“Please perceive, that we can not give any additional data or assertion as a result of ongoing means of inner and exterior investigation.”
Doubtless hit by BlackMatter ransomware
Whereas Olympus didn’t share any particulars on the attackers’ identification, ransom notes left on techniques impacted through the breach level to a BlackMatter ransomware assault, as first reported by TechCrunch.
The identical ransom notes additionally level to a Tor web site the BlackMatter gang has used previously to speak with victims.
BlackMatter is a comparatively new ransomware operation that surfaced on the finish of July 2021 and was initially believed to be a rebrand of DarkSide ransomware.
From samples collected by researchers after a few of their subsequent assaults, it was later confirmed that BlackMatter ransomware’s encryption routines had been the identical customized and distinctive ones that DarkSide used.