Muji halts online sales after ransomware attack on supplier

News
By published

Online sales and logistics outage stops Muji in its tracks

ransomware avast
(Image credit: Avast)
  • Japanese retailer Muji affected by ransomware attack
  • The attack targeted its logistics partner Askul
  • This follows a number of third-party breaches impacting retailers and manufacturers

Muji has been forced to halt much of its operations after its delivery partner, Askul, was targeted in a ransomware attack.

The Japanese clothing and homeware retailer confirmed that the incident has impacted browsing, online purchases, order histories through the Munji app, and the display of web content.

If customer data has been compromised, especially personally identifiable information like names, addresses, email addresses, or even financial data - this could leave customers at risk of identity theft, as criminals could use their information to take out credit cards or loans.

Operational disruptions

‘The ASKUL website is currently experiencing a system outage due to a ransomware infection, halting order acceptance and shipping operations,’ Askul’s statement confirmed (translated through Google Translate).

‘We are currently investigating the extent of the impact, including the leak of personal information and customer data, and will notify you as soon as it is clear,’ Askul added.

Askul only provides ecommerce logistics to the Japanese branch of Muji, so stores in other parts of the world seem to remain unaffected.

The series of retailer attacks bring forward the vulnerabilities from third-party suppliers.

The incident is the latest in a seemingly never-ending string of ransomware attacks hitting high-street stores and retailers.

Most recently, Japanese beer giant Asahi, and carmaker Jaguar Land Rover, had to halt production lines following serious cyberattacks.

These third party breaches should serve as a wake-up call for modern cybersecurity teams, and underscore the need for vigilance, accountability, and transparency.

The increased reliance on outside vendors drastically increases the attack surface that malicious actors can target. Large retailers may have the budget and manpower to bolster their cyber defenses - but smaller software, logistics, or manufacturing companies may not have the same resources or protections.

Best identity theft protection header
The best ID theft protection for all budgets

➡️ Read our full guide to the best identity theft protection
1. Best overall:
Aura
2. Best for families:
IdentityForce
3. Best for credit beginners:
Experian IdentityWorks

Ellen Jennings-Trace
Ellen Jennings-Trace
Staff Writer

Ellen has been writing for almost four years, with a focus on post-COVID policy whilst studying for BA Politics and International Relations at the University of Cardiff, followed by an MA in Political Communication. Before joining TechRadar Pro as a Junior Writer, she worked for Future Publishing’s MVC content team, working with merchants and retailers to upload content.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.