Toho, the renowned Japanese entertainment company behind iconic films like *Godzilla*, *King Kong vs. Godzilla*, and *Seven Samurai*, was allegedly breached by the BlackLock ransomware gang. According to Cybernews, the group claimed to have compromised the studio, but investigations revealed that most of the leaked data sample links were either nonfunctional or contained irrelevant information. This suggests that while the breach was attempted, no significant data exfiltration or operational disruption occurred. Toho has not publicly confirmed or responded to the hack. The incident follows a broader trend of BlackLock’s aggressive expansion, with the gang emerging in March 2024 and rapidly becoming the seventh most active ransomware group after a 1,425% surge in attacks between Q3 and Q4 2024. Earlier, Resecurity researchers disrupted BlackLock’s operations by exploiting a vulnerability in their infrastructure, indicating potential weaknesses in the gang’s capabilities. Despite the breach claim, the lack of verifiable leaked data and Toho’s silence imply minimal tangible impact on the company’s operations, reputation, or financial standing at this stage.
Source: https://www.scworld.com/brief/blacklock-ransomware-lays-claim-on-toho-hack-but-proof-lacking
Golden Sombrero Licensing cybersecurity rating report: https://www.rankiteo.com/company/golden-sombrero-licensing
"id": "GOL4122841112625",
"linkid": "golden-sombrero-licensing",
"type": "Ransomware",
"date": "3/2024",
"severity": "50",
"impact": "1",
"explanation": "Attack without any consequences"{'affected_entities': [{'industry': 'entertainment (film production, '
'distribution)',
'location': 'Japan',
'name': 'Toho Co., Ltd.',
'type': 'private company'}],
'data_breach': {'data_exfiltration': 'alleged (unverified)',
'type_of_data_compromised': 'unverified (alleged by '
'BlackLock, but sample links '
'nonfunctional)'},
'description': 'World-renowned Japanese entertainment company Toho was '
'purportedly breached by the BlackLock ransomware gang. '
'According to Cybernews, most of the data sample links '
'provided by BlackLock were either nonfunctional or contained '
'useless information. Toho has not yet responded to the '
'alleged hack. This incident follows a disruption of '
"BlackLock's operations by Resecurity researchers, who "
"exploited a vulnerability in the group's infrastructure. "
'BlackLock, which emerged in March 2024, has compromised at '
'least 63 entities globally and is recognized as the seventh '
'most active ransomware gang after a 1,425% increase in '
'attacks between Q3 and Q4 2024.',
'impact': {'brand_reputation_impact': 'potential (due to public disclosure of '
'alleged breach)',
'data_compromised': 'alleged (unverified; sample links '
'nonfunctional or useless)'},
'investigation_status': "unconfirmed (Toho has not responded; BlackLock's "
'claims lack verifiable evidence)',
'motivation': ['financial gain', 'disruption'],
'ransomware': {'data_exfiltration': 'alleged (unverified)',
'ransomware_strain': 'BlackLock'},
'references': [{'source': 'Cybernews'}],
'threat_actor': 'BlackLock ransomware gang',
'title': 'Alleged Ransomware Attack on Toho by BlackLock Gang',
'type': ['ransomware', 'data breach (alleged)']}