- Japanese retailer Muji hit by ransomware attack
- The attack targeted its logistics partner Askul
- This follows a series of third-party breaches affecting retailers and manufacturers.
Muji was forced to halt much of its operations after its delivery partner, Askul, was the target of a ransomware attack.
The Japanese clothing and home goods retailer confirmed that the incident affected browsing, online shopping, order history through the Munji app, and viewing web content.
If customer data has been compromised, especially personally identifiable information such as names, addresses, email addresses, or even financial data, this could leave customers at risk of identity theft as criminals could use their information to obtain credit cards or loans.
Operational interruptions
“ASKUL’s website is currently experiencing a system outage due to a ransomware infection, halting order acceptance and shipping operations,” Askul’s statement confirmed (translated via Google Translate).
“We are currently investigating the extent of the impact, including the leak of personal information and customer data, and will inform you as soon as it is clear,” Askul added.
Askul only provides e-commerce logistics to Muji’s Japanese branch, so stores in other parts of the world appear to be unaffected.
The series of attacks on retailers highlights the vulnerabilities of third-party vendors.
The incident is the latest in a seemingly endless series of ransomware attacks hitting major stores and retailers.
More recently, Japanese brewing giant Asahi and carmaker Jaguar Land Rover had to stop their production lines following serious cyberattacks.
These third-party breaches should serve as a wake-up call for modern cybersecurity teams and underscore the need for vigilance, accountability, and transparency.
Increased reliance on third-party vendors dramatically increases the attack surface that malicious actors can attack. Large retailers may have the budget and manpower to bolster their cyber defenses, but smaller software, logistics, or manufacturing companies may not have the same resources or protections.
The best identity theft protection for every budget
