Japanese camera maker and tech giant Olympus has been forced to shut down its computer systems in the United States, Canada and Latin America after recently falling victim to a cyberattack.
In a statement posted on its website, the company said it was currently investigating a possible cybersecurity incident that occurred on October 10 and affected its computer systems.
After detecting suspicious activity on its network, Olympus mobilized a response team made up of forensic experts, but also suspended all of its affected systems to contain any potential threats. At the same time, the company is working with third parties as part of its investigation.
Olympus, however, confirmed that this incident was limited to its computer systems in the United States, Canada and Latin America and that no other region was affected by the attack.
Repeat the attack?
If this latest incident sounds familiar to you, it’s probably because Olympus suffered a similar cyberattack last month that affected its European, Middle East and African network.
At the time, the company issued a similar statement claiming it was “investigating a possible cybersecurity incident.” However, TechCrunch spoke with an anonymous source familiar with the incident where Olympus was recovering from a ransomware attack.
A ransom note was reportedly left on the infected systems of the company that linked the attack to the BlackMatter ransomware-as-a-service (RaaS) group. According to Brett Callow, ransomware expert and threat analyst at Emsisoft, who spoke to the media, this new group appears to have arisen from the ashes of the ransomware group DarkSide which closed its doors in May following its attack on the Colonial Pipeline.
Olympus has yet to confirm that the BlackMatter ransomware group was behind the first attack and its investigation into the second attack is still ongoing.