Olympus confirms US cyberattack, weeks after BlackMatter ransomware hit EMEA systems

Japanese technology giant Olympus has confirmed it was hit by a cyberattack over the weekend that forced it to shut down its IT systems in the U.S., Canada and Latin America.

In a statement on its website, Olympus said it is “investigating a potential cybersecurity incident detected October 10” and is “currently working with the highest priority to resolve this issue.”

“As part of the investigation and containment, we have suspended affected systems and have informed the relevant external partners. The current results of our investigation indicate the incident was contained to the Americas with no known impact to other regions.”

“We are working with appropriate third parties on this situation and will continue to take all necessary measures to serve our customers and business partners in a secure way. Protecting our customers and partners and maintaining their trust in us is our highest priority. Our investigation is ongoing and we are committed to transparent disclosure and will continue to provide updates as new information becomes available.”

It’s near-identical to a statement put out by Olympus last month following a cyberattack on its European, Middle East and Africa network.

At the time of the attack, Olympus also said it was “investigating a potential cybersecurity incident.” A person with knowledge of the incident told TechCrunch that Olympus was recovering from a ransomware attack. A ransom note left behind on infected systems was also linked to the BlackMatter ransomware-as-a-service group.

Brett Callow, a ransomware expert and threat analyst at Emsisoft, told TechCrunch that given this latest incident occurred at the weekend — often when gangs deploy ransomware, including holidays — increases the likelihood of a repeat attack. “And if it is ransomware, whether it’s BlackMatter again is impossible to say. It certainly could be, or the affiliate responsible for the attack on the EMEA operations could have chosen to deploy different ransomware this time,” he added.

When reached, Olympus spokesperson Susan Scerbo did not have any immediate comment. We’ll update as we learn more about Olympus’ security incident.