Olympus Admitted the ‘BlackMatter’ Ransomware Gang Got Them

  • Olympus has announced a cybersecurity incident that has disrupted some of its services.
  • Experts in the field claim that it was BlackMatter who launched a ransomware attack.
  • Olympus has gone through business restructuring last year, but it remains a big and healthy company.

Olympus has issued an announcement over the weekend, informing the public of a cybersecurity incident that has affected its IT systems since September 8, 2021, and is ongoing. The firm says its IT team is investigating the incident to evaluate its scope and effects, while forensics experts are working with its response group to resolve the issue as quickly as possible. The firm has promised to give updates when new information or more details become available, but so far, no updates have been posted on the website.

According to Emsisoft researchers who have been following the case closely, the actor responsible for the disruption is ‘BlackMatter,’ who has kept the issue private for now so as to allow Olympus to resolve the case by paying the ransom without much fuss. We have checked the dark web portal of the group, and there’s no listing with any Olympus files there yet. Maybe the window for private negotiations hasn’t closed yet, or the actors didn’t manage to exfiltrate any data that would be useful for double-extortion. However, that second part is highly unlikely.

‘BlackMatter’ appeared in the scene in July this year as a new top-tier RaaS operator going for big-game hunting. So far, they have compromised the corporate networks of around 40 large companies and organizations, making a significant impact in the cybercrime space. Emsisoft has also mentioned several technical overlaps between that group and the ‘Darkside,’ so a rebrand meant to shake off the heat from the law enforcement authorities following the Colonial Pipeline attack is very likely.

As for Olympus, the Japanese company optics and reprography products manufacturer mostly known for its cameras has sold that division to ‘Japan Industrial Partners’ last year but remains a large and healthy company with profitable operations supported by medical, industrial, and scientific fields. As such, they remain an excellent target for ransomware actors who are looking to make a good bust.

We have reached out to the company to ask for more details about what happened and whether or not they also suffered a data breach, and we will update this piece as soon as we hear back from them.

How to Watch ‘The Fringe, Fame, and Me’ Online From Anywhere for FREE
The Fringe, Fame, and Me is a new documentary on the history of the Fringe Festival as it marks its 75th anniversary,...
How to Watch Love & Hip Hop: Atlanta Season 10B Online From Anywhere
The show that presents aspiring rap stars juggling their professional and personal lives is back with new episodes, and you will be...
How to Watch Darby and Joan Online From Anywhere
Darby and Joan is a bright, humorous, romantic mystery crime series set in stunning Australian locations, and we're excited to watch it...
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari