World’s second-largest eyeglass lens-maker blinded by infosec incident – Source: go.theregister.com

If ever there was an incident that brings the need for good infosec into sharp focus, this is the one: Japan’s Hoya – a maker of eyeglass and contact lenses, plus kit used to make semiconductor manufacturing, flat panel displays, and hard disk drives – has halted some production and sales activity after experiencing an attack on its IT systems.

The official view of what happened is blurry. On April 1 the optics conglomerate advised that its Tokyo HQ and several business units had “experienced an IT system incident.”

A Thursday update [PDF] told a darker story.

“In the morning of March 30, 2024, we discovered a discrepancy in system behavior at one of our overseas offices and confirmed that a system failure had occurred,” the update opens.

Compromised kit was isolated, forensic specialists hired, and the corporation has promised it “will take measures to restore the systems necessary for production and sales activities and to resume the supply system of products to customers as soon as possible.”

Hoya currently has no insight into whether “confidential or personal information held by the Company has been compromised or accessed by third parties” and warned that “full analysis is expected to take a considerable number of days.”

Note that the statement doesn’t offer an estimate for remediation or restoration.

• Execs in Japan busted for winning dev bids then outsourcing to North Koreans
• Simulation reveals all Japanese will have the same surname by 2531
• Japan’s NTT and NEC reckon they can boost optical network capacities 12x
• Toyota admits its engines are overrated – by its own power testing software

The business also had mixed news for investors.

“The impact of this matter on our business performance is not known at this time, but we will promptly disclose the impact of this matter on our business performance, if any, as soon as it arises,” its Thursday statement reads.

The value of Hoya shares has fallen five percent this week.

It is unclear which facilities are impacted by this incident, and which supply chains may be disrupted. Hoya’s Japanese consumer business, Vision Care, on Tuesday apologised for disruptions to deliveries.

Hoya joins fellow Japanese entities NTT, LINE, Fujitsu, and space agency JAXA on the list of recently compromised outfits. ®