Japanese retailer Askul confirms data leak after cyberattack claimed by Russia-linked group
Japanese office and household goods retailer Askul confirmed that customer and supplier data was leaked following a ransomware attack earlier in October, which disrupted operations across its e-commerce platforms.
The company said the breach exposed contact information and inquiry details from users of its online stores — Askul, Lohaco and Soloel Arena — as well as supplier data stored on its internal servers. “We sincerely apologize for the inconvenience and concern caused to our customers, business partners, and other related parties,” Askul said in a statement on Friday.
The attack disrupted supply chains for major Japanese retailers, including Ryohin Keikaku, which operates the popular household and lifestyle brand Muji, and The Loft, which also runs lifestyle stores. Both firms rely on Askul’s logistics network but have not said whether their own data was compromised.
While Askul did not specify the number of affected individuals or entities, the RansomHouse extortion group has claimed responsibility for the attack, alleging that it stole 1.1 terabytes of data.
Askul said it was aware of statements made by the group and is investigating the incident.
RansomHouse, a cybercrime group that emerged in March 2022, is known for its extortion tactics: rather than encrypting data, the group threatens to release all exfiltrated information publicly. The group calls itself as a “force for good” and claims to expose vulnerabilities in companies.
Cybersecurity researchers have previously linked RansomHouse to Russia-aligned threat actors, including Alphv/BlackCat, LockBit 3.0 and RagnarLocker.
The Askul incident adds to a string of cyberattacks on Japanese companies in recent months. In October, Asahi Group Holdings, the country’s largest brewer, reported a ransomware attack claimed by the Russian-speaking Qilin gang that disrupted production. Last week, auto parts manufacturer TEIN said ransomware crippled its headquarters network, halting operations across affiliated firms.
Daryna Antoniuk
is a reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.