Japanese logistics and e-commerce provider Askul Corp. reported a ransomware-triggered system failure that forced it to stop order intake and shipping on three platforms—Askul, Lohaco, and Soloel Arena. The disruption rippled to retail brands that depend on Askul’s fulfillment, leading Muji’s parent Ryohin Keikaku and The Loft Co. to suspend domestic online sales while restoration efforts proceed. Coverage from multiple outlets confirms the stoppage, the ransomware cause, and the lack of a published recovery date at this time (BleepingComputer, Bloomberg, Nippon.com).
What happened
Askul disclosed that ransomware caused a “system failure,” prompting an immediate halt to receiving orders and dispatching products across its three online businesses. Public statements and local press note that customer registration and inquiry portals were also affected. Muji’s domestic online store and Loft’s e-commerce operations paused as a direct result of the upstream logistics outage; shop systems and physical deliveries at Muji were otherwise operating normally according to contemporary reports.
Which services went offline
Askul’s suspension covered new orders, shipments already scheduled, and certain customer-service functions. Ryohin Keikaku stated that browsing and purchases on Muji’s Japan web shop were interrupted shortly after the Askul incident; Loft similarly paused its web sales. None of the companies provided a resumption timeline in the first notices.
How it unfolded (per public statements)
Reports describe a weekend detection of ransomware within Askul’s environment, followed by containment steps that shut down ordering and fulfillment. Askul referred to a “system failure” resulting from the infection, without naming the intrusion vector, malware family, or attacker. At the time these articles were published, no group had publicly claimed responsibility and no indicators of compromise (IOCs) were released (Nippon.com, The Record).
Impact on retailers and consumers
For shoppers in Japan, carts could not be checked out and some pending shipments were canceled or delayed. For Muji and Loft, domestic online sales were paused while internal systems and store logistics continued. For suppliers using Askul’s backbone, purchase orders and outbound fulfillment stalled, creating inventory and warehouse backlog risks. Analysts highlighted potential revenue effects for Askul if disruption persists, alongside market reactions noted during Monday trading (Bloomberg syndication).
Why this matters to supply-chain security
This case shows how a single logistics platform can bottleneck multiple storefronts. The event aligns with cascading-risk themes we recently covered, where upstream outages or intrusions affect many downstream services. See our recent coverage of a major vendor incident for context: F5 Networks breach: what we know. Operational disruptions to public-facing systems also appeared in our recent story on airport audio systems: Airport PA System Hack. For a view on patch cycles that reduce opportunistic risk, review: Microsoft October 2025 Patch Tuesday.
Scope at a glance
| Entity | Service impact | Source |
|---|---|---|
| Askul (Askul/Lohaco/Soloel) | Orders and shipments suspended; customer portals affected | Nippon.com> |
| Ryohin Keikaku (Muji) | Domestic online sales paused; stores and logistics otherwise normal | BleepingComputer> |
| The Loft Co. | Online sales suspended | Bloomberg syndication> |
| Attribution | No actor named; no public IOCs; no group claims | The Record> |
Related events and context
Japan’s retail sector recently faced other large disruptions. Reporting noted market reaction to the Askul event and referenced earlier incidents at major consumer brands. For timely vulnerability tracking and exploitation trends relevant to e-commerce infrastructure, see our recent update cycle coverage: Patch Tuesday overview. Broader supply-chain discussions appear in our nation-state reporting: Alleged tools case.
References
- BleepingComputer — Muji halts online sales after supplier hit>
- Bloomberg — Muji e-commerce paused after Askul attack>
- Nippon.com — Askul suspends online sales due to ransomware>
- The Record — Askul halts online orders after ransomware>
- Bloomberg syndication — Japan retailers halt online sales after supplier cyber attack>
- New Straits Times — Japan’s Muji hit by ransomware on delivery partner>