Canon hit by alleged ransomware attack, cloud-stored photos lost

A message posted to Canon's website yesterday only explains the technical problems, which took place between July 30 and August 4, in very broad terms. Photo / Getty Images

Canon says a number of photos and videos that its customer stashed in its free cloud storage service have been lost.

But at this point if, it is not clear if an internal technical stuff-up caused the data loss - or if it was foul play.

The camera giant could have suffered a ransomware attack that took its email and other systems and saw some 10 terabytes of data stolen from multiple systems - including a cloud storage service that lets its customers store up to 10 gigabytes of photos online for free.

That's the view of security publication Bleeping Computer, which recently closely tracked what did turn out to be a ransomware attack on Garmin.

However, a message posted to Canon's website yesterday only explains the technical problems, which took place between July 30 and August 4, in very broad terms. It makes no mention of a hack.

Canon - which did not immediately respond to a request for comment, did say in its August 4 update that there had been an "issue" with its free online storage service.

"On July 30, 2020, we identified an issue involving the 10GB long-term storage on image.canon. In order to conduct further investigation, we temporarily suspended both the mobile application and web browser service of image.canon," the company said.

"After the investigation, we identified that some of the photo and video image files saved in the 10GB long-term storage prior to June 16, 2020 9:00am (JST) were lost."

Bleeping Computer notes several elements that it views as suspicious of a cyberattack, including that 24 Canon domains, including consumer.usa.canon.com, are still offline today. It also published a portion of an alleged ransom note from the Maze ransomware gang (the portion published did not include a dollar figure).