Regarding Our Recent Data Breach (Third Report)
October 25, 2023
Seiko Group Corporation
As we announced on August 10 and 22 (*), we have experienced unauthorized access due to a ransomware attack by a third party on some of our servers. We immediately established an emergency response team and coordinated with professional cybersecurity experts, who helped to identify the root cause and assess the damage. We then began actively restoring our systems. While we continue working with these outside experts to address this situation, we would like to share the following information based on what we know at this time.
(*) Announcement on August 10, 2023: Notice of Data Breach and Response,
(*) Announcement on August 22, 2023: Regarding the Data Breach Due to Unauthorized Access to Our Servers
1. Background and response
On July 28, 2023, we detected unauthorized access to some of our servers, which later turned into a ransomware attack. We immediately started an emergency inspection of all our servers and sought assistance from cyber security experts. We initiated an investigation to clarify the extent of the breach, established an emergency response team to limit the damage, and initiated a clean system restoration. We also reported the incident to the Personal Information Protection Committee and the Tokyo Metropolitan Police.
Following a comprehensive review by both the Company and cybersecurity experts, we confirmed that a total of approximately 60,000 items of personal data held by Seiko Group Corporation (SGC), Seiko Watch Corporation (SWC), and Seiko Instruments Inc. (SII) were compromised.
As part of our ongoing response, we temporarily blocked external communication with the affected servers and have installed EDR (Endpoint Detection and Response) systems on all servers and PCs to detect unauthorized activity. We have also implemented measures such as multi-factor authentication to prevent further breaches.
2. Summary of leaked personal data
● SWC customer information, including names, addresses, telephone numbers, and/or email addresses (Note: credit card information was not compromised)
● Contact information for counterparties involved in business transactions with SGC, SWC, and/or SII, including the individual’s name, company affiliation, job title, company address, company phone number, and/or company email address
● Information supplied by applicants for employment with SGC and/or SWC, including names, addresses, phone numbers, email addresses, and/or educational background information
● Personnel information, including names and/or email addresses, for both current and former employees of SGC and its group companies
3. Future actions
In conjunction with cybersecurity experts and others, we are continuing to (1) review all IT operations and systems, and check for vulnerabilities therein, (2) identify the scope of the data breach, (3) assess the cause and full picture of the incident, (4) enhance system security and monitoring, (5) strengthen corporate governance throughout the Group, (6) review our Business Continuity Plan (BCP), and (7) implement third-party assessments and other measures to prevent any recurrence of this type of incident.
We sincerely apologize for any inconvenience this attack on our data servers may have caused or may yet cause. We have begun reaching out to each of the affected parties individually, and if any further leaks are discovered, we will, to the best of our ability, continue to respond to each affected party on an individual basis.
For inquiries, please refer to the following:
If you are affiliated with Seiko Group Corporation: (Email) email@example.com
If you are affiliated with Seiko Watch Corporation: (Email) firstname.lastname@example.org
If you are affiliated with Seiko Instruments Inc.: (URL) https://krs.bz/sii/m/sii_inquiry_en