Months after the attack Canon publically confirmed that the cyberattack in August was caused by ransomware, and that data was stolen from servers by hackers during this attack.
The attack was first reported by BleepingComputer when they found that there was a suspicious outage on cannons cloud photo storage service, image.canon, which caused users to lose files. On August 5, Canon USA released a company-wide notice informing employees of the system issues which resulted in multiple applications, such as Teams and company emails, being made unavailable.
A screenshot of the ransom note was found which revealed that the outage has been caused by Maze ransomware. Maze is a group that usually steals data from compromised networks in a bit to pressurise victims into paying up.