“Come for 3 million yen a month” Kadokawa cyber attack Desperate attempt to lure engineers with high salaries

The information leak problem at the major publishing company Kadokawa is getting more serious day by day.
It all started with an article titled “Top Secret Document: The Full Story of the ’Ransom’ Demanded by Hackers” published by the online news media “Newspicks” on June 22nd.
“The article reported that Kadokawa was under attack by ransomware. Ransomware locks infected computers or encrypts files, rendering them unusable, and then demands a ransom, saying, ’If you want your data back, pay me money.’ According to the article, one of the directors has already sent the money demanded by the hackers without a resolution from the board of directors. If the article is true, it means that some of the executives have succumbed to the hackers’ threats.” (Social Affairs Reporter)
IT journalist Inoue Toshiyuki, who is also a “Nico Live” streamer on Nico Nico Douga, reveals the following.
“On June 8th, when Nico Live stopped, Kadokawa explained that ’We will not be able to restore it until the end of July.’ The management side will need to identify the route of the attack, the possibility and scope of information leakage, and check whether any malware remains in the system. I think they decided that they could not resume operations hastily.”

However, it seems that the damage was severe in the end. According to a release issued by Kadokawa on July 10th,

It was claimed that the organization that allegedly carried out the cyber attack had leaked some of the information held by Dwango Co., Ltd. (a subsidiary of Kadokawa), and that the information was made public. The information in question included some personal information and contract information both inside and outside the company.

The hacker revealed that the personal information held by Kadokawa was made public on the Internet. Mr. Inoue talks about the behind-the-scenes of the fierce battle.

At the general shareholders’ meeting on June 18th, the company’s president, Takeshi Natsuno, apologized, saying, “We are doing our best to restore the system with a team of 250 people,” but in reality, it seems that they have started by gathering system engineers to work on the restoration.

“It is true that Kadokawa is trying to gather people together and somehow restore the system. On July 3rd, it was discovered that Kadokawa Connected, a subsidiary of the company that handles infrastructure development and operation, was recruiting security engineers on a job site, which became a hot topic. According to the job posting, the annual salary is 8 million yen. There were also criticisms online that it was “too low” (social affairs reporter mentioned above). On the other hand, some engineers say they were “scouted” under completely different conditions. Mr. X, a security expert, said that he received the following proposal from an executive. “They said they would pay me 3 million yen a month if I came. The amount is certainly attractive, but if they just ask me to come without knowing anything about the situation, such as what kind of attacks they are receiving from hackers, there is no way to respond. I politely declined.” (Mr. X) Read more on smart flash 2024.07.11 13:12 *Related thread Kadokawa Group is recruiting security engineers with a maximum annual salary of 8 million yen “Experience 0 to 1” ★3 [Old Man Friends Club ★]

「月額300万円で来てくれ」KADOKAWA　サイバー攻撃にエンジニアを高額報酬で決死の一本釣り…「日本企業はインシデントに備えがない」識者が警告 - Smart FLASH/スマフラ[光文社週刊誌]

smart-flash.jp

KADOKAWAグループ、セキュリティエンジニア募集中　最大年収800万円　「0→1を経験」★3 [おっさん友の会★]

asahi.5ch.net