In the latest update in the saga of Toei Animation’s recent anime-delaying hack, the studio has claimed that the digital disruption was caused by employee error.
As previously reported, on March 6th, Toei Animation was hit with a massive ransomware attack, the effects of which resulted in the delay of several of the studio’s anime productions, including One Piece and the long awaited anticipated movie Dragon Ball Super Super Hero.
Five days later, Toei Animation would publicly reveal the hack, announcing in an official statement that an unauthorized third-party had accessed the company’s network and in doing so caused a partial shutdown of the company’s internal computing systems.
At the time, as reported by Japanese news outlet NHK, the studio “believed that the cyber-attack was caused by ‘ransomware,’ a ransom-type computer virus.”
Following a further investigation into the matter, Toei Animation has now revealed that the hack was caused by “a Company employee [who] downloaded a software required for business from an external website, which had been tampered with so as to simultaneously download a software program that would serve as the entry point for ransomware infiltration.”
Speaking to their subsequent “response and investigation”, the studio explained in an April 28th press release. “When the above-mentioned unauthorized access into its network was confirmed, the Company took various measures including immediately shutting down portions of its internal system and restricting access from outside.”
“Moreover, the Company not only promptly reported the incident to the concerned authorities but also has been carrying out appropriate and necessary responses and investigations by involving external security specialists,” they added, before assuring fans, “As of today, following the implementation of security measures, all the internal systems of the Company are more or less normalized.”
Regarding the impact of the hack, Toei Animation elaborated that “following the unauthorized access by a third party, portions of the data in the Company’s server and PCs were encrypted after being infected by the ransomware, which resulted in delays in parts of the regular operations and anime production for about a month.”
In addition, their “external security specialists” thankfully found no evidence of “information leakage including that of personal information” or any reports “on damages to customers” – a finding that is either extremely lucky or a falsehood meant to keep the truth under wraps (I’m really praying it is the former and not the latter),
Though there have been rampant claims across social media that the ransomware was present in the program because the Toei employee had downloaded an illegally pirated version of the software, there is no evidence to support this claim.
Instead, it appears this claim was borne from a misunderstanding of the term ‘third-party’ in relation to business and web hosting, which in these contexts refers to anything not produced or operated by an individual’s given employer, rather than anything illegal.
For example, for a Toei Animation employee, such free-to-use software as Slack, Discord, or Audacity would all be considered third-party as the Japanese entertainment conglomerate is not involved with the management or distribution of these tools.
As of writing, the exact program the employee was attempting to download, as well as where the tainted software was obtained, have yet to be made public.
In the end, the ‘Toei Animation Hack Saga’ may be one of the funniest things to come out of 2022 so far.
After all, how does this happen in 2022? This isn’t 1998, where the internet can most easily be accessed through AOL dial-up and computers were a niche hobby.
If my age 60+ parents can both figure out how to use anti-virus software for their personal computer, one would imagine a major entertainment conglomerate could do the same.
What do you make of Toei Animation’s explanation of their recent hack? Let us know your thoughts on social media or in the comments down below!