Ricoh Australia Struggles to Address Data Breach, Informs Customers
Last Thursday, electronics company Ricoh Australia was reported to announce a data breach that may have exposed signin information needed to access multifunction equipment. The data involved run-up guides that were supposedly posted online and indexed by search engines like Google.
Run-up guides contain data that include an equipment’s technical details, including how to update its firmware, hard drive encryption, and configuration. Some exposed credentials had Active Directory information and Directory Access procedures, which determines who is able to access the multilevel equipment.
In a statement, the company says they have reached out to affected clients to resolve the issue within the week. They also apologized for exposing customer data in such a vulnerable manner.
The incident is not considered a major threat to affected institutions, with run-up guides lacking substantial data to enable full multilevel access to a device within a department.