On October 20, 2025, a significant cybersecurity incident hit two major players in Japan’s retail and logistics industries: Muji, the minimalist household goods and apparel retailer, and Askul, a prominent logistics and e-commerce company. The ransomware attack led to widespread service disruptions, primarily affecting Muji's Japanese operations and the logistics network managed by Askul. This attack highlights the growing vulnerability of major corporations in Japan to cyber threats, a trend that has escalated in recent months.
The Attack and Immediate Impact
The ransomware attack occurred on a Sunday evening, Japan Time, affecting Askul’s systems and disrupting the logistical services it provides to several businesses, including Muji. As a result of this cyberattack, Muji was forced to suspend its online store and subscription services on October 20th, leaving customers unable to browse products, make purchases, or access their order history. Key website functions, including content display, were also impacted, further disrupting the shopping experience.
Muji confirmed the outage and began investigating the scope of the attack on October 21st. The retailer revealed that while online orders were halted, some services, such as purchasing items through the online store and applying for flat-rate services, were still unavailable. Muji has since been working to assess which shipments were affected, particularly focusing on orders placed before the ransomware attack. The company assured customers that it would notify them of any impacted orders.
Impact on Askul and Its Operations
Askul, a crucial partner for Muji and other large retailers in Japan, was deeply affected by the ransomware attack. As a logistics provider that handles both business-to-business (B2B) and business-to-consumer (B2C) operations, Askul plays a vital role in fulfilling orders and managing the delivery of goods. The ransomware infection disrupted its website and caused a system-wide failure that forced the company to suspend order processing. This included halting new registrations, returns, catalog requests, and pharmaceutical orders. Additionally, Askul’s customer service desk became unreachable, compounding the challenges for businesses that rely on its services.
By October 21st, Askul had canceled all unfulfilled orders placed before the attack and initiated an investigation to determine the full scope of the breach. At the time of reporting, Askul had not identified whether customer data had been compromised or whether a ransom demand had been issued. Unlike other recent cyberattacks in Japan, no specific ransomware group has claimed responsibility for the incident involving Askul.
Geographical and Operational Impact
The primary impact of the ransomware attack was limited to Muji's Japanese operations. The retailer’s international stores, including those in Europe, North America, and other regions, were unaffected by the disruptions to Askul's logistics network. Muji operates over 1,000 stores globally, with the majority of its 24,500 employees working outside Japan. As the attack was localized to Askul’s services for Muji in Japan, the global impact remained minimal.
However, other companies that rely on Askul for logistics support, such as Loft and Sogo & Seibu, experienced similar disruptions. This highlights the cascading effect of the ransomware attack on Japan's e-commerce and retail logistics infrastructure.
Response and Customer Communication
In response to the attack, Muji issued a public apology, acknowledging the inconvenience caused to its customers. The company expressed gratitude for the customers' understanding and reassured them that it was working diligently to restore services and fully investigate the nature of the attack. As of October 21st, there was no set timeline for when operations would return to normal, and Muji has promised further updates as the situation develops. Askul also released a statement apologizing for the operational failures and assuring customers that an investigation was underway. The company has committed to keeping customers informed about the progress of the investigation and the scope of the breach.
Broader Context: Cybersecurity in Japan
This ransomware attack on Askul and Muji is part of a worrying trend of increased cyberattacks against major corporations in Japan. In September 2025, Asahi, Japan’s largest beer producer, was similarly targeted by the Qilin ransomware group, which disrupted production lines and stole sensitive data. The frequency of these attacks raises questions about the cybersecurity defenses in place at major Japanese companies and the increasing reliance on e-commerce and online retail operations in the country.
The lack of a definitive claim of responsibility for the ransomware attack on Askul further underscores the uncertainty surrounding this particular incident. While some cybercriminal groups have been quick to claim responsibility for other high-profile attacks, no such declaration has been made regarding Askul’s breach as of the latest updates.
The Growing Threat of Cyberattacks
The ongoing investigations into the ransomware attack on Askul and Muji underscore the growing threat posed by cyberattacks to large businesses, particularly those in the retail and logistics sectors. These industries have become prime targets due to their integral role in global supply chains and the vast amounts of customer data they handle. The attack has not only disrupted Muji’s operations but has also affected other businesses that rely on Askul’s services, illustrating the interconnected nature of modern retail and logistics.
With Japan’s e-commerce sector continuing to expand, the risks associated with cyber threats are only expected to grow. The disruption caused by this ransomware attack highlights the urgent need for stronger cybersecurity measures, particularly for companies that handle sensitive customer data and critical supply chain operations.
Conclusion and Ongoing Developments
As of now, both Muji and Askul are focused on restoring their operations and investigating the full impact of the ransomware attack. Customers have been urged to remain patient as both companies work to address the disruption. The investigation is ongoing, and the full scope of the breach, including potential data leaks, remains unclear.
This incident serves as a stark reminder of the vulnerabilities facing major corporations in Japan and the need for robust cybersecurity strategies to protect against evolving cyber threats. It also highlights the increasing risks to e-commerce and logistics operations in Japan, where cyberattacks continue to grow in frequency and sophistication.
0 Comments