Canon Identifies and Addresses Data Security Incident

Rhea-AI Summary

On November 25, 2020, Canon announced it addressed a data security incident involving ransomware identified on August 4, 2020. Unauthorized access to files from July 20 to August 6, 2020 exposed sensitive information about current and former employees from 2005 to 2020, including Social Security and financial account numbers. Canon is notifying those affected and offering complimentary credit monitoring through Experian. The company is enhancing its security measures while expressing regret for the incident.

Positive

• Canon is offering complimentary credit monitoring through Experian to affected individuals.
• The company is enhancing security measures to prevent future incidents.

Negative

• Unauthorized access to sensitive employee data from 2005 to 2020.
• Potential risk of identity theft for affected individuals due to exposed personal information.

MELVILLE, N.Y., Nov. 25, 2020 /PRNewswire/ -- Today, Canon, a leading provider of consumer, business-to-business, and industrial digital imaging solutions, announced that it identified and addressed a data security incident.¹

Canon identified a security incident involving ransomware on August 4, 2020. Canon immediately began to investigate, a cybersecurity firm was engaged, and measures were taken to address the incident and restore operations. Canon notified law enforcement and worked to support the investigation.  Canon also implemented additional security measures to further enhance the security of its network.

Canon determined that there was unauthorized activity on its network between July 20, 2020 and August 6, 2020.  During that time, there was unauthorized access to files on Canon's file servers. Canon completed a careful review of the file servers on November 2, 2020 and determined that there were files that contained information about current and former employees from 2005 to 2020 and their beneficiaries and dependents. The information in the files included the individuals' names and one or more of the following data elements: Social Security number, driver's license number or government-issued identification number, financial account number provided to Canon for direct deposit, electronic signature, and date of birth. 

Canon advises its current and former employees from 2005 to 2020 and their beneficiaries and dependents to remain vigilant for signs of unauthorized activity by reviewing their financial account statements. If they see charges or activity they did not authorize, Canon suggests they contact their financial institution immediately. Canon is in the process of providing notice of this incident to current and former employees from 2005 to 2020 and their beneficiaries and dependents and is offering them a complimentary membership to Experian's® IdentityWorks^SM credit monitoring service. Unfortunately, Canon does not have current addresses for all such individuals. Canon encourages its current and former employees from 2005 to 2020 and their beneficiaries and dependents to visit the website or call the telephone number below for additional information.

Canon regrets that this occurred and apologizes for any inconvenience.  Additional information is available at the following websites:

• https://usa.canon.com/internet/portal/us/home/explore/securityincident,
• https://csa.canon.com/internet/portal/us/csa/securityincident,
• https://cits.canon.com,
• https://ciis.canon.com/internet/portal/ciis/home/securityincident, and
• https://cfs.canon.com/securityincident.html

or by calling 1-833-960-3574, Monday through Friday, between 9:00 a.m. and 6:30 p.m., Eastern Time.

About Canon U.S.A., Inc.
Canon U.S.A., Inc., is a leading provider of consumer, business-to-business, and industrial digital imaging solutions to the United States and to Latin America and the Caribbean markets. With approximately $33 billion in global revenue, its parent company, Canon Inc. (NYSE: CAJ), ranks third overall in U.S. patents granted in 2019^† and was named one of Fortune Magazine's World's Most Admired Companies in 2020. Canon U.S.A. is dedicated to its Kyosei philosophy of social and environmental responsibility. To keep apprised of the latest news from Canon U.S.A., sign up for the Company's RSS news feed by visiting www.usa.canon.com/rss and follow us on Twitter @CanonUSA.

^† Based on weekly patent counts issued by United States Patent and Trademark Office.

¹ This press release is being provided by or on behalf of Canon U.S.A., Inc. and the following subsidiaries, predecessors, and affiliates: Canon BioMedical, Inc., Canon Business Solutions-Central, Inc., Canon Business Solutions-Mountain West, Inc., Canon Business Solutions-NewCal, Inc., Canon Business Solutions-Tereck, Inc., Canon Business Solutions-West, Inc., Canon Development Americas, Inc., Canon Financial Services, Inc., Canon Information and Imaging Solutions, Inc., Canon Information Technology Systems, Inc., Canon Latin America, Inc., Canon Medical Components U.S.A., Inc., Canon Software America, Inc., Canon Solutions America, Inc., Canon Technology Solutions, Inc., Canon U.S. Life Sciences, Inc., NT-ware USA, Inc., Océ Imaging Supplies, Inc., Océ Imagistics Inc., Océ North America, Inc., Océ Reprographic Technologies Corporation, and Virtual Imaging, Inc.

View original content:http://www.prnewswire.com/news-releases/canon-identifies-and-addresses-data-security-incident-301180854.html

SOURCE Canon

FAQ

What security incident did Canon report on November 25, 2020?

Canon reported a data security incident involving ransomware that was identified on August 4, 2020.

When was unauthorized access to Canon's network detected?

Unauthorized access was detected between July 20, 2020, and August 6, 2020.

What type of information was compromised in the Canon data breach?

Compromised information included names, Social Security numbers, driver's license numbers, financial account numbers, and dates of birth.

How is Canon supporting affected employees?

Canon is notifying affected individuals and offering complimentary membership to Experian's IdentityWorks credit monitoring service.

What actions has Canon taken following the data security incident?

Canon implemented additional security measures, engaged a cybersecurity firm, and notified law enforcement.