Ficha reported the final impact of a ransomware incident that encrypted files on internal servers, with investigations showing 32 servers affected and 13 infected by the malware. The attacker also transferred aggregated files to attacker-controlled OneDrive storage and copied 144 GitHub repositories, prompting Ficha to strengthen its security posture with MFA, network segmentation, improved access control, EDR, and an external SOC. #Ficha #OneDrive #GitHub
Information
- Victim: Ficha
- Website: ficha.jp
- Country: Japan
- Date Reported: 2026-05-25
Keypoints
- Ficha published its final report on a ransomware incident affecting its servers.
- The incident was initially reported on May 13 and February 12, and was discovered on February 9.
- Internal server files were encrypted during the attack.
- Investigators confirmed that 32 servers were impacted, including 13 infected by the ransomware.
- The attacker transferred aggregated files to OneDrive-controlled cloud storage.
- 144 GitHub repositories were copied from the companyβs GitHub server.
- Ficha strengthened security with MFA, network separation, improved access control, EDR, and an external SOC.
Read More: https://scan.netsecurity.ne.jp/article/2026/05/25/55340.html