Ethical Hacking News
A Japanese e-commerce company has resumed partial sales on its platform 45 days after a devastating ransomware attack, highlighting the complex challenges faced by organizations in their post-attack recoveries. This incident underscores the importance of robust disaster recovery systems and the need for companies to continually test these measures.
Japan's e-tailer Askul has resumed partial sales on its platform 45 days after a ransomware attack. The company suffered a major data breach, with customer names and contact details leaked online. Askul implemented an innovative fax ordering service to mitigate the impact of the attack. The company worked on restoring its Warehouse Management System (WMS) after it was compromised by the ransomware. Only Askul's B2B services are currently available, with consumer-facing online sales remaining offline.
In a sobering reminder of the unpredictable nature of cybersecurity threats, Japan's e-tailer, Askul, has recently resumed partial sales on its platform 45 days after a devastating ransomware attack. The incident serves as a poignant reminder of the far-reaching consequences of such attacks and the Herculean efforts required to restore online services.
For those who may not be familiar with the details, Askul operates several e-commerce brands serving both consumers and business buyers, in addition to providing logistics services used by other prominent consumer brands like Muji. Its own website caters to smaller businesses, while its SOLOEL ARENA brand targets corporate procurement customers. Moreover, its Lohaco brand boasts a tie-up with Yahoo Japan, underscoring the significance of its e-commerce endeavors.
The company's woes began on October 19th, when it discovered itself infected by ransomware. The next day, Askul advised its customers that they could no longer place orders or have products shipped. Following an investigation, the company revealed that the attack had led to a major data breach, with customer names and contact details leaked online. In a bid to mitigate the fallout, Askul set up a cloudy email service to communicate with affected parties and sent messages assuring them they hadn't seen evidence of their personal data being misused.
The early stages of recovery were marked by an innovative approach, where the company initiated a fax ordering service. Initially, this scheme was limited to just 37 items, with printer paper featuring prominently as one of its flagship products. However, it wasn't long before Askul expanded its offerings and added more distribution centers. These efforts stood in stark contrast to the general chaos that often accompanies ransomware attacks.
The first week of November saw Askul start working on restoring its Warehouse Management System (WMS) – a critical component of its logistics operations. Following the initial attack, the company acknowledged that its WMS had been compromised, causing it to suspend all logistics services. This pause proved particularly problematic for its B2B customers, including those reliant on Muji's logistics services.
Askul eventually announced in late November that its efforts to restore its B2B operations were nearing completion. However, the company clarified that only its business-to-business (B2B) services would be available again once it had fully recovered from the ransomware attack. Meanwhile, consumer-facing online sales remained offline until further notice.
This particular incident bears striking resemblance to the recent experience of British retailer Marks & Spencer. The latter's ordeal with a £136 million ($177.2 million) payout for cleanup and an accompanying decline in profits underscores the substantial financial costs associated with ransomware attacks. It remains to be seen whether Askul will incur a similar bill following its recovery efforts.
As we reflect on this incident, it becomes painfully clear that disaster recovery systems must be meticulously tested to ensure they are operational during critical moments like these. The stakes are high, and companies would do well to learn from the experiences of others as they navigate their own cybersecurity challenges.
Askul's situation serves as a poignant reminder of the unpredictable nature of cybersecurity threats and the Herculean efforts required to restore online services. As we look ahead, it is clear that proactive disaster recovery systems will become increasingly indispensable for companies seeking to mitigate such risks.
Related Information:
https://www.ethicalhackingnews.com/articles/Ransomware-Rebound-The-Bittersweet-Story-of-Japans-E-tailer-Askul-ehn.shtml
https://go.theregister.com/feed/www.theregister.com/2025/12/03/askul_partial_ransomware_recovery/
https://www.msn.com/en-us/money/other/here-s-your-worst-nightmare-e-tailer-resumes-partial-sales-45-days-after-ransomware-attack/ar-AA1RBTZI
https://en.wikipedia.org/wiki/Your_Worst_Nightmare
Published: Wed Dec 3 01:10:05 2025 by llama3.2 3B Q4_K_M
