Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Hackers Steal Employee and Corporate Information From Mitsubishi Electric

Personal and corporate information was stolen from electronics and electrical equipment manufacturing company Mitsubishi Electric during a data breach that occurred last year.

Personal and corporate information was stolen from electronics and electrical equipment manufacturing company Mitsubishi Electric during a data breach that occurred last year.

In a notice published on Monday, the Japanese company confirmed not only that its network was breached, but also that the attackers may have accessed some personal and confidential corporate information.

The manufacturer revealed that it discovered suspicious behavior on a system on June 28 last year, and that it immediately restricted external access.

The company says its internal investigation has confirmed that “sensitive information on social infrastructure such as defense, electric power, and railways, highly confidential technical information, and important information concerning business partners” hasn’t been stolen.

The company has also revealed that the attackers were careful enough to erase their tracks, which made the compromise difficult to detect on some systems.

Mitsubishi Electric estimates that the hackers exfiltrated around 200MB of data, including employment application information on 1,987 people, employee information on 4,566 people, and information on 1,569 retired employees of affiliated companies.

Confidential technical materials, sales materials, and other trade secrets might have been leaked as well, the company reported.

The manufacturer said it started sending notices of the data breach on January 20, and it is also informing customers about the potential leak of trade secrets. Authorities have been alerted as well.

Advertisement. Scroll to continue reading.

To access the company’s network, the attackers apparently targeted a vulnerability in an anti-virus product before a patch was released.

According to Japanese newspapers, the attackers gained access to the company’s systems via hijacked email accounts, after initially compromising a China-based affiliate. The hackers had apparently compromised over 120 systems at 14 locations.

Asahi Shimbun reports that data on 10 public and government agencies was stolen during the attack, along with data on the Ministry of Defense, the Ministry of the Environment, the Cabinet Office, the Nuclear Regulatory Commission, and the Agency for Natural Resources and Energy.

The attack is supposedly the work of China-linked hacking group Tick, which has been known to target large companies through their Chinese subsidiaries. Over the past few years, the threat actor has targeted various organizations in Japan and South Korea.

“While the type of data breached is unclear, knowing that Mitsubishi Electric is a top contractor for Japan’s military and infrastructure, this breach is especially concerning. Enterprises and organizations that regularly handle sensitive and confidential data must understand the serious risks associated with a breach of that information and leverage Zero Trust security strategies, where organizations ‘never trust, but always verify’ entities outside and inside their network,” Ben Goodman, CISSP and SVP of global business and corporate development at ForgeRock, told SecurityWeek in an emailed comment.

“To avoid a fate similar to that of Mitsubishi Electric, companies must understand the importance of security solutions that provide full visibility and control over their data. In other words, they must implement tools that detect and remediate misconfigurations, enforce real-time access control, encrypt sensitive data at rest, manage the sharing of data with external parties, and prevent the leakage of sensitive information,” Anurag Kahol, CTO of Bitglass, commented via email.

Related: Don’t Fall Victim to IP Theft and Corporate Espionage

Related: China-linked Hackers Targeting Air-Gapped Systems: Report

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Gain valuable insights from industry professionals who will help guide you through the intricacies of industrial cybersecurity.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.