- Japanese retailer Muji hit by ransomware attack
- The attack targeted its logistics partner Askul
- This follows a number of third-party breaches affecting retailers and manufacturers.
Muji was forced to shut down much of its operations after its delivery partner, Askul, was the target of a ransomware attack.
The Japanese clothing and home goods retailer confirmed that the incident impacted browsing, online shopping, order history through the Munji app, and viewing web content.
If customer data has been compromised, especially personally identifiable information such as names, addresses, email addresses or even financial data, this could put customers at risk of identity theft, as criminals could use their information to take out credit cards or loans.
Operational disruptions
“ASKUL’s website is currently experiencing a system outage due to a ransomware infection, interrupting order acceptance and shipping operations,” Askul’s statement confirmed (translated by Google Translate).
“We are currently investigating the extent of the impact, including the leak of personal information and customer data, and will notify you as soon as it becomes clear,” Askul added.
Askul only provides e-commerce logistics to Muji’s Japanese branch, so stores in other parts of the world appear unaffected.
Series of retailer attacks highlights vulnerabilities of third-party vendors.
This incident is the latest in a seemingly endless series of ransomware attacks targeting department stores and retailers.
More recently, Japanese beer giant Asahi and car manufacturer Jaguar Land Rover had to interrupt their production lines following serious cyberattacks.
These third-party breaches should serve as a wake-up call for modern cybersecurity teams and highlight the need for vigilance, accountability and transparency.
The increased reliance on external vendors significantly increases the attack surface that bad actors can target. Large retailers may have the budget and staffing to strengthen their cyber defenses, but smaller software, logistics or manufacturing companies may not have the same resources or protections.
The best identity theft protection for every budget
