**Askul Suffers Devastating Data Breach After Ransomware Attack**

In a shocking revelation, Japanese e-commerce and logistics firm Askul has disclosed that an October ransomware attack compromised over 700,000 records, sending shockwaves through the cybersecurity community. The attack, perpetrated by the notorious RansomHouse group, not only disrupted Askul's operations but also exposed sensitive data of its customers, partners, and employees.

Askul, a leading provider of office products, stationery, IT equipment, and everyday business consumables in Japan, operates large-scale fulfillment and delivery services across the country. The company is part of the LOHACO/Yahoo Japan ecosystem and has been at the forefront of e-commerce and logistics in Japan for years.

The ransomware attack, which occurred on October 19, was a catastrophic event that not only encrypted data but also caused significant disruptions to Askul's orders, shipping, and automated logistics systems. The company's services were severely impacted, with customer and partner data affected. It wasn't until early December that Askul began to resume its operations.

RansomHouse later claimed the theft of 1 TB (terabyte) of sensitive data and leaked it in November and December. According to reports, the ransomware group has already released three evidence packs containing the stolen data. The leak is believed to have been triggered by a failed negotiation or Askul's refusal to pay the demanded ransom.

Askul confirmed that the data breach affected customer and partner data, compromising approximately 590,000 business service records, 132,000 consumer records, and thousands of employee and executive records. In a statement, the company acknowledged the severity of the breach and assured customers and partners that it is taking all necessary steps to contain the impact and restore services.

"On October 19, 2025, Askul Corporation experienced a ransomware attack that encrypted data and caused system disruptions, resulting in large-scale service outages and leakage of company information," reads the data breach notification published by Askul. "Information Confirmed as Leaked (as of Dec 12, 2025)"

According to an investigation, attackers accessed Askul's network using stolen credentials, conducted reconnaissance, and harvested additional credentials. They then moved laterally, disabled security systems, and deployed ransomware after deleting backups.

"The ransomware attack led to the leakage of customer information and some partner data, causing significant inconvenience," said Akira Yoshioka, CEO of Askul. "The disruption of our highly automated logistics systems temporarily halted services, affecting customers, partners, logistics clients, shareholders, and other stakeholders. We take this matter very seriously and have mobilized the entire company to contain the impact and restore services."

Askul has vowed to review and strengthen its Business Continuity Plan (BCP) in light of the attack and has provided a detailed report on its investigation results, response measures, and security enhancements. The company's commitment to transparency and accountability is a testament to its dedication to protecting customer data.

This incident serves as a stark reminder of the increasing threat posed by ransomware attacks and the importance of robust cybersecurity measures in today's digital landscape. As another major Japanese company suffered a similar attack just last month, it highlights the need for organizations to be vigilant and proactive in their approach to cybersecurity.