- Japanese retailer Muji affected by ransomware attack
- The attack targeted its logistics partner Askul
- This follows a number of third-party breaches impacting retailers and manufacturers
Muji has been forced to halt much of its operations after its delivery partner, Askul, was targeted in a ransomware attack.
The Japanese clothing and homeware retailer confirmed that the incident has impacted browsing, online purchases, order histories through the Munji app, and the display of web content.
If customer data has been compromised, especially personally identifiable information like names, addresses, email addresses, or even financial data – this could leave customers at risk of identity theft, as criminals could use their information to take out credit cards or loans.
Operational disruptions
‘The ASKUL website is currently experiencing a system outage due to a ransomware infection, halting order acceptance and shipping operations,’ Askul’s statement confirmed (translated through Google Translate).
‘We are currently investigating the extent of the impact, including the leak of personal information and customer data, and will notify you as soon as it is clear,’ Askul added.
Askul only provides ecommerce logistics to the Japanese branch of Muji, so stores in other parts of the world seem to remain unaffected.
The series of retailer attacks bring forward the vulnerabilities from third-party suppliers.
The incident is the latest in a seemingly never-ending string of ransomware attacks hitting high-street stores and retailers.
Most recently, Japanese beer giant Asahi, and carmaker Jaguar Land Rover, had to halt production lines following serious cyberattacks.
These third party breaches should serve as a wake-up call for modern cybersecurity teams, and underscore the need for vigilance, accountability, and transparency.
The increased reliance on outside vendors drastically increases the attack surface that malicious actors can target. Large retailers may have the budget and manpower to bolster their cyber defenses – but smaller software, logistics, or manufacturing companies may not have the same resources or protections.
The best ID theft protection for all budgets
