While Canon works its way through issues with its latest hot camera releases, it’s also grappling with what appears to be two separate website-related failures: it has lost ‘some’ customer image files from its relatively new image.canon cloud storage service; and most of its USA-based website infrastructure is, at time of writing, offline due to a ransomware attack.
US online information security website BleepingComputer has broken the news on both stories, initially speculating that the loss of image files at image.canon was itself a cyber-attack, but then being informed by no less than the ransomware gang apparently behind the Canon USA ransomware attack that it had nothing to do with them!
The fact that image.canon is back online could indicate that is the case. On Monday, image.canon emerged from four days of being offline with the following announcement:
So it appears ‘some’ images from Canon customers using the long-term storage option have disappeared. The critical word here is ‘some’ – if it was, say, ‘a very small number’ or ‘around 250’ Canon would have said so. However, ‘some’ in this case is more likely to be weaselly PR-speak for ‘a lot’, ‘most’ or even ‘all’.
Here’s a feisty but valid comment from a DPReview reader in response:
‘Some of the original photo and video data files have been lost.’ ‘We apologize for any inconvenience.’
Inconvenience? Running out of toilet paper while you’re on the can is an inconvenience. When your taxi is delayed it is an inconvenience. When you get the Latte when you really wanted the Macchiato that’s an inconvenience.
When a cloud based imaging giant like Canon throws away your original digital assets, that’s no “inconvenience”, it’s a disaster. I work in IT and I can’t wrap my head around what exactly Canon could have done to end up losing data this way, but a statement like that is pathetic and plain disrespectful.
It will be of small comfort to Canon customers whose image files have disappeared that they can still view – if not actually retrieve – their thumbnails.
The human-operated ransomware attack is very much at the ‘bleeding edge’ of malware. Not only is the victim website locked up via encryption, but sensitive or valuable company data and communications are tracked down and stolen, with a threat of releasing them publicly if the ransom isn’t paid.
BleepingComputer was told directly by the ransomware gang that their attack was conducted on Monday, August 4 when they stole 10 terabytes of data from Canon, including ‘private databases etc’.
‘If you do not contact us in a 3 days we will post information about your breach on our public news website, and on 7 days the whole downloaded info,’ the ‘ransom note’ informs Canon USA, citing previous examples where the ransomware gang has released sensitive information to encourage the ransom payment.
At time of publication – August 7 – most of Canon USA’s online infrastructure was still down, including the main website and the online store, with a note that Canon is ‘making improvements’.