Japanese e-tailer Askul has resumed online sales, 45 days after a ransomware attack.
Askul operates several e-commerce brands serving both consumers and business buyers, plus logistics services used by other consumer brands including Muji. Its own site serves smaller businesses, while its SOLOEL ARENA brand targets corporate procurement customers. Its Lohaco brand, a consumer goods site, even has a tie-up with Yahoo Japan.
On October 19, the company found itself infected by ransomware and the next day advised it couldn’t accept orders or ship products. On October 22 the company said its Warehouse Management System was the problem, which meant it had to suspend its logistics services.
On October 30th, the company revealed the attack led to a major data breach, with customers’ names and contact details leaked. Some of that data appeared online. ASKUL acknowledged that, apologized, set up a cloudy email service to communicate with customers and used that send messages saying it hadn’t seen evidence of stolen personal data being abused.
By the first week of November, Askul started a fax ordering service. The company started with just 37 items, with the hero product being box-loads of printer paper, and would only sell to certain customers such as medical institutions and nursing care facilities. The fax scheme later expanded to more products, then added more distribution centers.
On November 19, the company addressed the nature of the attack – by announcing “We will refrain
Source: https://www.theregister.com/2025/12/03/askul_partial_ransomware_recovery/
TPRM report: https://www.rankiteo.com/company/p&w-design-consultants
"id": "p&w1764748512",
"linkid": "p&w-design-consultants",
"type": "Ransomware",
"date": "10/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'customers_affected': 'Customers of '
'Askul, Lohaco, and '
'SOLOEL ARENA '
'brands',
'industry': 'E-commerce, Logistics',
'location': 'Japan',
'name': 'Askul',
'size': None,
'type': 'E-tailer'}],
'customer_advisories': 'Yes, via email and public statements',
'data_breach': {'data_encryption': None,
'data_exfiltration': 'Yes',
'file_types_exposed': None,
'number_of_records_exposed': None,
'personally_identifiable_information': 'Names, '
'contact '
'details',
'sensitivity_of_data': 'High (names and contact '
'details)',
'type_of_data_compromised': 'Personally '
'Identifiable '
'Information (PII)'},
'date_detected': '2023-10-19',
'date_publicly_disclosed': '2023-10-20',
'date_resolved': '2023-12-03',
'description': 'Askul, a Japanese e-tailer, experienced a '
'ransomware attack that disrupted its online '
'sales and logistics services. The attack led to '
'a data breach involving customer names and '
'contact details, some of which appeared online. '
'The company resumed limited operations via fax '
'before fully restoring online sales after 45 '
'days.',
'impact': {'brand_reputation_impact': 'Yes',
'conversion_rate_impact': None,
'customer_complaints': None,
'data_compromised': 'Customer names and contact '
'details',
'downtime': '45 days',
'financial_loss': None,
'identity_theft_risk': 'Yes',
'legal_liabilities': None,
'operational_impact': 'Suspension of online orders, '
'shipping, and logistics '
'services; temporary fax-based '
'ordering system',
'payment_information_risk': None,
'revenue_loss': None,
'systems_affected': ['Warehouse Management System',
'Online sales platform',
'Logistics services']},
'initial_access_broker': {'backdoors_established': None,
'data_sold_on_dark_web': None,
'entry_point': None,
'high_value_targets': None,
'reconnaissance_period': None},
'investigation_status': 'Completed',
'post_incident_analysis': {'corrective_actions': None,
'root_causes': None},
'ransomware': {'data_encryption': None,
'data_exfiltration': 'Yes',
'ransom_demanded': None,
'ransom_paid': None,
'ransomware_strain': None},
'references': [{'date_accessed': None,
'source': 'Cyber Incident Description',
'url': None}],
'regulatory_compliance': {'fines_imposed': None,
'legal_actions': None,
'regulations_violated': None,
'regulatory_notifications': None},
'response': {'adaptive_behavioral_waf': None,
'communication_strategy': 'Customer advisories via '
'email, public apologies, '
'and updates on the '
'incident',
'containment_measures': 'Suspension of online '
'orders and logistics '
'services',
'enhanced_monitoring': None,
'incident_response_plan_activated': None,
'law_enforcement_notified': None,
'network_segmentation': None,
'on_demand_scrubbing_services': None,
'recovery_measures': 'Gradual resumption of online '
'sales and logistics services',
'remediation_measures': 'Restoration of systems, '
'implementation of '
'fax-based ordering',
'third_party_assistance': None},
'title': 'Ransomware Attack on Japanese E-tailer Askul',
'type': 'Ransomware'}