Hoya’s optics production and orders disrupted by cyberattack

Hoya Corporation, one of the largest global manufacturers of optical products, says a "system failure" caused servers at some of its production plants and business divisions to go offline on Saturday.

The company has over 37,000 employees at 160 offices and subsidiaries in more than 30 countries and operates a network of 43 laboratories worldwide.

"The day before yesterday, we learned that the Group's head quarter and several of its business divisions have experienced an IT system incident," Hoya said in a statement published on Monday.

"At this time, we do not have a full restoration timeline for when our systems will be back online, but our priority is restoring our systems as quickly as possible, so we can continue to provide our customers with the highest level of service," the company added in a separate advisory.

Hoya promptly responded to a server failure by isolating the affected servers and informing the relevant authorities in the impacted countries.

The optics company also hired outside forensic investigators who determined that the incident was most likely caused by a third party gaining unauthorized access to their servers, according to a new advisory [PDF] published on Thursday and first spotted by The Record.

Some production lines, ordering systems offline

As a direct result of this incident, some production plants and the ordering system for certain products have been impacted.

Hoya is currently investigating whether the hackers accessed or extracted any confidential or personal information stored on the compromised systems. The investigation is likely to take "a considerable number of days."

"We will continue to investigate and analyze the impact of this incident in cooperation with outside experts and relevant authorities, and will take measures to restore the systems necessary for production and sales activities and to resume the supply system of products to customers as soon as possible," Hoya said.

A Hoya spokesperson was not immediately available for comment when contacted by BleepingComputer earlier today.

The Japanese lens maker also partially shut down its production line in Thailand following a 2019 malware attack and suffered another attack—claimed by the Astro Team hacking group—in 2021.