The Askul data breach has exposed personal information belonging to approximately 740,000 customers after a cyberattack linked to the RansomHouse extortion group. The Japanese office supply company confirmed that attackers accessed internal systems and stole customer data during the incident.
Askul operates one of Japan’s largest business-to-business supply platforms, making the breach particularly significant for both corporate and individual customers.
RansomHouse Claims Responsibility for the Attack
The RansomHouse cybercrime group claimed responsibility for the intrusion and stated that it extracted large volumes of customer data. Unlike traditional ransomware operations, RansomHouse focuses on data theft and extortion rather than encrypting systems.
Askul later confirmed that attackers gained unauthorized access to its network and copied customer records. The company reported no disruption to its ordering systems or logistics operations.
Customer Information Stolen in the Askul Data Breach
Askul confirmed that the stolen data includes personal information linked to customer accounts. The exposed records reportedly contain:
- Names
- Email addresses
- Postal addresses
- Phone numbers
- Order and account-related details
Askul stated that the breach did not expose payment card numbers or account passwords. The company continues to review the data set to confirm whether attackers accessed additional information.
Unauthorized Network Access Enabled Data Theft
Investigators traced the incident to unauthorized access within Askul’s internal network. Attackers moved through the environment and extracted data before security teams detected the activity.
Askul has not disclosed the initial entry point. However, the company confirmed that it strengthened monitoring systems and tightened access controls following the discovery.
Company Response and Customer Notifications
Askul notified affected customers after confirming the scope of the data exposure. The company also reported the incident to relevant authorities and engaged external cybersecurity specialists to support the investigation.
In a public statement, Askul apologized for the incident and emphasized its commitment to improving security measures. The company has not confirmed whether it received ransom demands or entered negotiations with the attackers.
RansomHouse Expands Data Extortion Campaigns
RansomHouse has increased its activity in recent months by targeting large organizations worldwide. The group relies on data extortion tactics, threatening to publish stolen information if victims refuse to pay.
This approach allows attackers to bypass many ransomware defenses while still inflicting reputational, regulatory, and legal damage.
Conclusion
The Askul data breach highlights the growing threat posed by data extortion groups that prioritize theft over disruption. Even without encrypting systems, attackers can expose vast amounts of sensitive customer information.
As ransomware tactics continue to evolve, organizations must strengthen network visibility, data access controls, and incident response capabilities to reduce the impact of similar attacks.
0 responses to “Askul Confirms Theft of 740,000 Customer Records in RansomHouse Cyberattack”