Casio Keyed Up After Data Loss Hits Customers In 149 Countries (theregister.com) 27
Jessica Lyons Hardcastle reports via The Register: Japanese electronics giant Casio said miscreants broke into its ClassPad server and stole a database with personal information belonging to customers in 149 countries. ClassPad is Casio's education web app, and in a Wednesday statement on its website, the firm said an intruder breached a ClassPad server and swiped hundreds of thousands of "items" belonging to individuals and organizations around the globe. As of October 18, the crooks accessed 91,921 items belonging to Japanese customers, including individuals and 1,108 educational institution customers, as well as 35,049 items belonging to customers from 148 other countries. If Casio finds additional customers were compromised, it promises to update this count.
The data included customers' names, email addresses, country of residence, purchasing info including order details, payment method and license code, and service usage info including log data and nicknames. Casio noted that it doesn't not retain customers' credit card information, so presumably people's banking info wasn't compromised in the hack. An employee discovered the incident on October 11 while attempting to work in the corporate dev environment and spotted the database failure. "At this time, it has been confirmed that some of the network security settings in the development environment were disabled due to an operational error of the system by the department in charge and insufficient operational management," the official notice said. "Casio believes these were the causes of the situation that allowed an external party to gain unauthorized access." The intruder didn't access the ClassPad.net app, according to Casio, so that is still available for use.
The data included customers' names, email addresses, country of residence, purchasing info including order details, payment method and license code, and service usage info including log data and nicknames. Casio noted that it doesn't not retain customers' credit card information, so presumably people's banking info wasn't compromised in the hack. An employee discovered the incident on October 11 while attempting to work in the corporate dev environment and spotted the database failure. "At this time, it has been confirmed that some of the network security settings in the development environment were disabled due to an operational error of the system by the department in charge and insufficient operational management," the official notice said. "Casio believes these were the causes of the situation that allowed an external party to gain unauthorized access." The intruder didn't access the ClassPad.net app, according to Casio, so that is still available for use.
Sounds like the job was a.... (Score:4, Funny)
...class act.
Yeeeeaaahhh!
They are still around? (Score:2)
They sold all kinds of gizmos in the 80's and 90's, but smartphones and PC's replaced most of such. Been a while since I've seen a new Casio gizmo. I think last was a smart-watch.
Re: (Score:3)
I still have a casio ironman watch that's solar and uses the NIST time sync signal for setting itself. It's old enough to drink by itself, got it new in 2001. Still using the same battery and will probably outlive me. Watches were so much more reliable back in those days, now get off my lawn!
Re: (Score:2)
No way to back up and restore with it? I remember my very old Data Bank calculator watch would lose everything by swapping its batteries. :(
Re: (Score:2)
Too bad they didn't do smartphones. They could had been kicking arse with them.
Re: (Score:1)
Those good at hardware often are not so good at software, and vice versa. And if you partner up, bet your system on the wrong standards, you can also hose yourself.
The Register does it again (Score:3)
Casio noted that it doesn't not retain customers' credit card information
That's from TFA!
Re:The Register does it again (Score:5, Funny)
Yep!
"Casio noted that it doesn't not retain customers' credit card information, so presumably people's banking info wasn't compromised in the hack."
Well thank god nobody's information was not compromised.
Re: (Score:2)
Casio noted that it doesn't not retain customers' credit card information
That's a double-negative [niu.edu] and makes no sense as written. A lawyer would certainly take issue with regards to liability from such a statement.
Not surprising (Score:2)
I believe someone told me they use some MSSP for their security program, so this isn't surprising to say the least.
Old school calculator watches! (Score:2)
At least my rad old school dumb Data Bank watches aren't remoteable accessible. :P
Re: (Score:2)
"At least my rad old school dumb Data Bank watches aren't remoteable accessible"
Even by the user a lot of the time! I had one and while it was a nice gimmick its usability was in the toilet.
Looked cool though.
Re: (Score:2)
Yeah, usability was bad but then it was designed during the rad 80s. :P
Re: (Score:2)
Nor is my G-Shock
Real customer data in test regions? (Score:1)
Business opportunity idea (Score:2)
So many criminal hackers have stolen so much data they need a service to help them manage all of their data needs.
Criminal hackers? (Score:2)
The correct term of art is "miscreants."
Casio should've stayed focusd on music instruments (Score:2)
Some of the best tracks to dance to were made with the old Casio gear.
https://www.youtube.com/watch?... [youtube.com]
Even hot girls dance to it!
Re: (Score:2)
For the price some of Casio's synth gear was pretty good kit.
Used for blackmail? (Score:2)
Re: (Score:2)
You need e-mail addresses for your phishing and credential stuffing campaigns....
Just call it a breach (Score:2)
Although "data loss" does add some weight to the word "stolen"... If Casio actually lost the data, then I guess it actually was stolen.
Bad Terminology (Score:2)
It's not a "data loss". Data loss is when you are no longer able to access your own data. This was a data *leak*.
Re: (Score:2)
A memory leak is when you can no longer access some memory. Which I always thought was a stupid label, but that's what everyone calls it.