One of the world’s largest electronics and electrical equipment manufacturing firms has disclosed a major security breach.
In a short statement published today, Mitsubishi Electric stated that unauthorised access to its network had resulted in personal information and corporate confidential information being leaked.
According to reports, the unauthorised access was first detected on June 28, 2019 after Mitsubishi Electric staff had come across a suspicious file on one of the company’s servers. The intrusion was then tracked to a compromised employee account.
“Unauthorized access began with affiliates in China and spread to bases in Japan. The hijacked account was used to gain infiltration into the company’s internal network, and continued to gain unauthorized access to middle-managed PCs who had extensive access to sensitive information,” reported Asahi.
Asahi added that the threat actors then gained access to the networks of most of the 14 headquarters and business headquarters, including the Sales Headquarters and Electronic Systems Business Headquarters.
It is believed that the threat actors behind the attack were Chinese hackers, Tick.
Asahi and another new publication, Nikkei, reported that the threat actors compromised at least over 120 computers and servers both internationally and domestically, to which nearly 200MB of data was stolen.
However, Mitsubishi’s stated that “no technical information or important information related to business partners has been leaked. To date, no damage or impact related to this matter has been confirmed.”
Despite the unauthorised access being detected in June and an official internal investigation being launched in September, the company only disclosed the incident today after the two local newspapers published stories about the attack.
This incident is being treated with the utmost severity as Mitsubishi Electric is one of Japan’s biggest defense and infrastructure contractors.
The post #Privacy: Mitsubishi Electric struck by cyber attack appeared first on PrivSec Report.