Askul hit by ransomware attack
Incident
Summary
Hide ▲
Show ▼
Askul confirmed a ransomware intrusion that caused system failure, disrupted orders and shipping, and affected downstream retail delivery services. The company initially said it was investigating possible exposure of personal and customer data, and the outage also interrupted several customer-facing services. By December 15, Askul said restoration was still ongoing and shipment disruption continued. The company also confirmed that roughly 740,000 customer records were stolen, expanding the incident from operational disruption to a significant data-theft event. Investigators said the attackers likely entered through compromised credentials for an outsourced partner administrator account without MFA, then disabled EDR and moved through multiple servers. Askul informed Japan’s Personal Information Protection Commission and set up long-term monitoring.
Related Happenings
0APT and KryBit ransomware turf war forces rebuild and rebrand pressure
Threat Actor Meta
First: 28.04.2026 16:00
Last: 28.04.2026 16:00
Sources 1
About this happening:
**0APT** and **KryBit** escalated a ransomware turf war in **April 2026** by leaking each other's operational data, defacing leak sites, and exposing infrastructure details that u...
0APT and KryBit ransomware turf war forces rebuild and rebrand pressure
Threat Actor MetaAbout this happening: **0APT** and **KryBit** escalated a ransomware turf war in **April 2026** by leaking each other's operational data, defacing leak sites, and exposing infrastructure details that u...
SmarterMail initial-access ransomware campaign with delayed encryption
Campaign
First: 18.02.2026 18:27
Last: 18.02.2026 18:27
Sources 1
About this happening:
A **SmarterMail** ransomware campaign is using newly disclosed email-server flaws for **initial access** and delaying encryption, raising the risk that exposed mail systems become...
SmarterMail initial-access ransomware campaign with delayed encryption
CampaignAbout this happening: A **SmarterMail** ransomware campaign is using newly disclosed email-server flaws for **initial access** and delaying encryption, raising the risk that exposed mail systems become...
Washington Hotel brand in Japan / Fujita Kanko hit by ransomware attack
Incident
First: 16.02.2026 23:10
Last: 16.02.2026 23:10
Sources 1
About this happening:
The **Washington Hotel** brand in **Japan** disclosed a **ransomware attack** that compromised its servers and exposed **various business data**. The incident matters because some...
Washington Hotel brand in Japan / Fujita Kanko hit by ransomware attack
IncidentAbout this happening: The **Washington Hotel** brand in **Japan** disclosed a **ransomware attack** that compromised its servers and exposed **various business data**. The incident matters because some...
Askul records leak tied to RansomHouse ransomware attack
Data Leak
First: 16.12.2025 01:13
Last: 16.12.2025 01:13
Sources 1
How related:
Japanese e-commerce giant Askul Corporation has confirmed that RansomHouse hackers stole around 740,000 customer records in the ransomware attack it suffered in October.
About this happening:
The **Askul Corporation** data leak now matters because **RansomHouse** stole about **740,000 records** from the company’s **October** ransomware attack, expanding the blast radiu...
Askul records leak tied to RansomHouse ransomware attack
Data LeakHow related: Japanese e-commerce giant Askul Corporation has confirmed that RansomHouse hackers stole around 740,000 customer records in the ransomware attack it suffered in October.
About this happening: The **Askul Corporation** data leak now matters because **RansomHouse** stole about **740,000 records** from the company’s **October** ransomware attack, expanding the blast radiu...
Qilin ransomware leak-site surge and double-extortion activity in H2 2025
Malware Activity
First: 27.10.2025 18:45
Last: 27.10.2025 18:45
Sources 1
About this happening:
The **Qilin ransomware** operation sustained a **leak-site surge** in **second half of 2025**, publishing **more than 40 victim listings per month** and keeping pressure on victim...
Qilin ransomware leak-site surge and double-extortion activity in H2 2025
Malware ActivityAbout this happening: The **Qilin ransomware** operation sustained a **leak-site surge** in **second half of 2025**, publishing **more than 40 victim listings per month** and keeping pressure on victim...
Timeline
-
15.12.2025 02:00 1 articles · 5mo ago
Askul details intrusion path and EDR evasion
Technical Analysis UpdateAskul Corporation says attackers likely entered through compromised authentication credentials for an outsourced partner administrator account without MFA, then conducted reconnaissance, attempted credential collection, disabled EDR, moved between multiple servers, and used multiple ransomware variants that evaded updated EDR signatures.
Show sources
- Askul confirms theft of 740k customer records in ransomware attack — www.bleepingcomputer.com — 16.12.2025 01:13
-
15.12.2025 02:00 2 articles · 5mo ago
Askul confirms 740,000-record theft and continuing disruption
Victim Impact UpdateAskul Corporation says roughly 740,000 customer records were stolen, including business customer service data, individual customer service data, business partner records, and records tied to executives and employees; the company has informed Japan’s Personal Information Protection Commission, established long-term monitoring, continued shipment disruption as of December 15, and kept restoring systems after data encryption and system failure.
Show sources
- Askul confirms theft of 740k customer records in ransomware attack — www.bleepingcomputer.com — 16.12.2025 01:13
- Askul confirms theft of 740k customer records in ransomware attack — www.bleepingcomputer.com — 16.12.2025 01:13
-
02.12.2025 02:00 1 articles · 5mo ago
RansomHouse leak update on Askul, December 2
Campaign Scope UpdateRansomHouse issues another Askul Corporation data leak on December 2, indicating continued exploitation and disclosure activity.
Show sources
- Askul confirms theft of 740k customer records in ransomware attack — www.bleepingcomputer.com — 16.12.2025 01:13
-
10.11.2025 02:00 1 articles · 6mo ago
RansomHouse leak update on Askul, November 10
Campaign Scope UpdateRansomHouse follows up with a data leak involving Askul Corporation on November 10, extending the campaign’s pressure against the affected organization.
Show sources
- Askul confirms theft of 740k customer records in ransomware attack — www.bleepingcomputer.com — 16.12.2025 01:13
-
30.10.2025 02:00 1 articles · 6mo ago
RansomHouse claims Askul breach
Initial DisclosureRansomHouse claims the Askul Corporation breach and publicly identifies the Japanese e-commerce and logistics company as a target in its extortion campaign.
Show sources
- Askul confirms theft of 740k customer records in ransomware attack — www.bleepingcomputer.com — 16.12.2025 01:13
-
20.10.2025 21:45 2 articles · 7mo ago
Askul confirms ransomware outage disrupts orders and shipping
Initial DisclosureAskul said a ransomware infection caused a system failure on the Askul website and forced suspension of orders and shipping operations while it investigated the scope of impact, including possible leakage of personal information and customer data. The outage also suspended product return applications, receipt mailing, catalog shipping, and collection services, and Askul’s customer service desk was unreachable by phone and through the website.
Show sources
- Retail giant Muji halts online sales after ransomware attack on supplier — www.bleepingcomputer.com — 20.10.2025 21:45
- Retail giant Muji halts online sales after ransomware attack on supplier — www.bleepingcomputer.com — 20.10.2025 21:45