MINO INDUSTRY CO., LTD.
We would like to provide an update regarding the ransomware cyberattack that targeted Mino Industries Co., Ltd., following our previous announcements on October 4 and October 6. This report includes newly identified details from our ongoing investigation, as well as corrections to previously shared information.
Overview of the Incident
- October 1 (Wed), 19:31
Unauthorized access to our internal network was made using an employee VPN account.
As the account lacked administrative privileges, the intruder was limited to reconnaissance activities. Multiple instances of such activity were observed thereafter. - October 3 (Fri), 20:58
Administrative privileges were exploited, leading to destructive actions including disabling security systems, encrypting files, and resetting servers. - October 4 (Sat), 01:21
A ransom note was discovered in an internal folder.
Response Measures
- October 4 (Sat), 02:25 – Attack confirmed
- October 4 (Sat), 02:49 – Network disconnected
- October 4 (Sat), 04:45 – VPN access disabled
- October 4 (Sat) – Notifications sent to customers, relevant parties, and law enforcement
- October 4 (Sat) – Systems related to order processing, production, and shipping reviewed and recovery initiated
- October 4 (Sat) – Systems related to financial transactions reviewed and recovery initiated
- October 7 (Tue) – Restrictions on external connections implemented
- October 8 (Wed) – Potential data breach reported to the Personal Information Protection Commission
- October 10 (Fri) – Detailed forensic investigation commenced
Current Status
- Deployment of Endpoint Detection and Response (EDR) and behavioral monitoring systems
- Comprehensive virus scans on all servers and devices using advanced antivirus software
- Password reset for all user accounts
- Complete shutdown of all external access points including VPN (no immediate plans for reactivation)
- Restricted external access via isolated clean terminals
- Ongoing forensic investigation by external cybersecurity experts
External Impact
At this time, no external infections have been confirmed.
Information Security
Forensic analysis has revealed traces of minimal data transmission.
While the volume is extremely small, we cannot completely rule out the possibility of leakage of customer or personal information.
We sincerely apologize for the concern and inconvenience caused to our customers, business partners, and all stakeholders.
We are committed to taking all necessary measures to restore a secure environment and ensure the safety of our systems.
Further updates will be provided directly to relevant parties as appropriate.