Japanese retailer Askul has confirmed a significant data leak following a ransomware attack in October that disrupted its e-commerce operations. The company reported that customer and supplier data — including contact information and inquiry details from users of its online stores Askul, Lohaco, and Soloel Arena — was compromised, along with data stored on internal servers. The breach also disrupted supply chains for major Japanese retailers such as Muji and The Loft, both of which rely on Askul’s logistics network. Askul apologized to affected customers and partners while continuing its investigation into the scope of the attack.

The RansomHouse cybercrime group, which is linked to Russian threat actors, has claimed responsibility, asserting that it exfiltrated 1.1 terabytes of data. Unlike traditional ransomware operators, RansomHouse typically does not encrypt data but instead threatens to publicly release stolen information to coerce victims into paying. The Askul attack is part of a wider surge in cyber incidents targeting Japanese firms, with recent ransomware breaches also affecting Asahi Group Holdings and auto parts maker TEIN.

To mitigate and respond effectively to such breaches, organizations must strengthen their network visibility and investigative capabilities with a platform like NIKSUN. A critical element of this defense is deep packet inspection (DPI) integrated with intrusion detection systems (IDS), coupled with rich analytics and forensic tools. DPI allows security teams to examine network traffic at a granular level, uncovering hidden threats and anomalies that traditional monitoring might miss. When combined with comprehensive analytics and forensics, these capabilities enable teams to quickly determine the who, what, where, when, and how of a cyber incident — ensuring rapid containment, accurate attribution, and meaningful long-term mitigation against future attacks.