Japanese retailer Muji said it took its online store offline on Sunday evening (Japan time) after a ransomware attack at its delivery partner, Askul, caused a logistics outage that affected retail services.
Muji said the outage affected browsing and purchases on its online stores, viewing order histories in the Muji app, and the display of some web content. In an update on Monday afternoon the company stated that purchases from the online store and applications for a monthly flat-rate service remained impacted.
Muji said it was investigating which shipments were affected to determine which orders had been placed before the attack and that it would send email notifications to customers. The company operates more than a thousand stores worldwide and, according to the article, has annual revenue of about $4 billion and over 24,500 employees.
Askul, a large office supplies and logistics e-commerce company owned by Yahoo! Japan Corporation, issued a statement saying a ransomware infection had caused a system failure on its website and that it had suspended orders and shipping operations while investigating the scope of the impact, including possible leakage of personal and customer data, according to the announcement. The company also suspended product return applications, receipt mailing, catalog shipping and collection services, and its customer service desk was reported unreachable by phone or the website.
Because Askul only handles Muji’s Japan sales, Muji said the disruption was limited to that region and that its shops in other countries were operating normally. At the time of writing, no ransomware gangs had listed Askul on extortion portals.
It is also noted that the incident comes shortly after a separate ransomware attack on Japan’s largest beer producer, Asahi; Asahi said the hackers stole data from its systems, according to the company’s statement.