Seiko Group Corporation (SGC) [1] [2] [3] [4] [5], a Japanese watchmaker [1] [3], recently provided an update on a ransomware attack that occurred on July 28, 2023. This attack, carried out by the BlackCat gang, resulted in a data breach compromising personal information of 60,000 individuals. Seiko Watch Corporation (SWC) was particularly affected [2], with stolen customer information including names [4], addresses [4], phone numbers [4], and email addresses [4]. Job applicants [2] [4], staff [4], and business counterparties were also impacted. Seiko Group and Seiko Instruments were affected as well, with stolen counterparty data and employee details [4].


The unauthorized access to one of Seiko’s servers was discovered on August 10, 2023. The compromised data included sensitive customer information [2], job applicant details [2], employee records [2], and business transaction information [2] [5]. Additionally, production plans [1] [3], employee passport scans [1] [3], new model release plans [3], lab test results [3], and technical schematics of existing and upcoming Seiko watches were accessed [3]. Internal documents [2], such as watch blueprints, were also leaked. Seiko conducted an investigation and confirmed that personal data across SGC [2], SWC [2] [5], and Seiko Instruments Inc. (SII) had been compromised [5]. The breach was initially disclosed by Seiko in August 2023 after BlackCat listed Seiko on its data leak site. Seiko promptly reported the breach to the Personal Information Protection Committee and the Tokyo Metropolitan Police [2]. It is important to note that no credit card details were accessed during the breach. Seiko did not pay a ransom and performed a clean system restoration [4]. The company is currently identifying the extent of the breach and reaching out to affected parties individually. They are also reviewing their IT vulnerabilities and business continuity plans [2].


The breach has raised concerns about potential phishing scams targeting the victims and the impact on other organizations [5]. Seiko has taken immediate action by implementing enhanced security measures and collaborating with cybersecurity experts to prevent future incidents. They have also apologized for any inconvenience caused by the breach [5]. Moving forward, Seiko will continue to assess the impacts, strengthen their IT infrastructure, and ensure business continuity [2].