October 2, 2023

Japanese watchmaker Seiko Group. has been a victim of a ransomware attack, with the BlackCat/ALPHV ransomware gang claiming responsibility.

The attack and subsequent was disclosed by Seiko on Aug. 10 and is said to have taken place on July 28. As per the statement, an unidentified party or parties gained unauthorized access to at least one of its servers. Seiko hired security experts who confirmed that a breach had taken place.

The statement from Seiko notes that it is still verifying the exact nature of the information that was stored on the impacted servers and would provide more information when available, though that was nearly two weeks ago.


Exactly what was stolen has emerged on the dark web leak site for the ALPHV ransomware group. According to a statement on its site, the group has obtained a long list of internal documents, including watch blueprints and designs, sales reports, invoices, employee emails, employee personal data, contracts and audits.

BlackCat/ALHPV claims that since the company refused to negotiate a payment with them, it’s now starting to publish the stolen data.

“All the data belonging to Seiko Group Corporation will be released for free download in closest future in case if we will not make an agreement with their management or we will not met an offer from buyers which we will not be able to refuse,”.

BlackCat Statement

Of the initial documents shared, some are in Japanese, but others show what appears to be blueprints and pictures of watch designs, the first page of a 2007 agreement between Seiko and Barclays Bank PLC, and a copy of someone’s passport for good measure.

The publication of a small tranche of stolen documents is typical of modern ransomware groups attempting to force a company to make a ransom payment to stop the further release of the stolen documents. The amount being demanded from Seiko was not disclosed by the group.

Leave a Reply

%d bloggers like this: