U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Japanese retailer Muji halted online sales after a ransomware attack on logistics partner

Muji halted online sales after a ransomware attack on its logistics partner Askul, disrupting orders, app services, and website access. Japanese retailer giant Muji suspended online sales after a ransomware attack hit its logistics partner Askul. The cyber incident disrupted deliveries and online store functions, including orders and app services. “Due to a logistics issue […]

Muji

Muji halted online sales after a ransomware attack on its logistics partner Askul, disrupting orders, app services, and website access.

Japanese retailer giant Muji suspended online sales after a ransomware attack hit its logistics partner Askul. The cyber incident disrupted deliveries and online store functions, including orders and app services.

“Due to a logistics issue at our online store, the following services and functions are currently unavailable.The reopening date has not yet been decided.We sincerely apologize for any inconvenience caused to our customers, and we appreciate your understanding.” reported the company.

“[Services and features currently unavailable] (Updated October 20th (Monday) at 5:00 PM)

  • Purchase from the online store
  • Apply for a monthly flat-rate service”

Muji is a Japanese retail company known for its minimalist design and “no-brand” philosophy. It sells a wide range of products, including clothing, furniture, stationery, and home goods, all emphasizing simplicity, functionality, and sustainability. The name “Muji” comes from “Mujirushi Ryohin” (無印良品), meaning “no-brand quality goods.”

The company has over 24,500 employees and $4 billion in annual revenue.

Askul disclosed a ransomware attack on October 21, 2025.

“The ASKUL website is currently experiencing a system outage due to a ransomware infection, halting order acceptance and shipping operations.” reads the company’s statement. “We are currently investigating the extent of the impact, including the leak of personal information and customer data, and will notify you as soon as it is clear. We sincerely apologize for any inconvenience and concern this may have caused our customers.”

The ransomware attack forced Askul to suspend all key operations, including online and fax orders, shipping, new user registration, returns, catalog requests, and pharmaceutical services. Customer support lines and inquiry forms were also unavailable.

At this time, no ransomware gangs have claimed responsibility for the attack on Askul.

Recently, another Japanese company, Asahi, disclosed a ransomware attack. Asahi Group Holdings, Ltd (commonly called Asahi) is Japan’s largest brewing company, known for producing top-selling beers like Asahi Super Dry, as well as soft drinks and other beverages. It operates both domestically and internationally, with a strong presence in Europe and Asia.

At the end of September, the company suspended its operations at the Japanese branch after a cyber attack, other branches were not impacted. The attack halted the company’s ordering and shipping operations, and its call center and customer service desk are unavailable.

On October 3, the company confirmed that it was a victim of a ransomware attack, but did not reveal the name of the group responsible for the security breach.

Qilin ransomware claimed responsibility for the attack on the Beer giant Asahi and leaked 27GB of stolen data, including employee and financial documents.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Japan)