Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Application Security

Japanese Ministries Confirm Impact from Fujitsu Data Breach

Japan’s Ministry of Foreign Affairs and Ministry of Land, Infrastructure, Transport and Tourism this week confirmed impact from a data breach at service provider Fujitsu Limited.

Japan’s Ministry of Foreign Affairs and Ministry of Land, Infrastructure, Transport and Tourism this week confirmed impact from a data breach at service provider Fujitsu Limited.

Earlier this week, the Japanese multinational provider of IT services and products confirmed it suffered a cyberattack resulting in unauthorized access to ProjectWEB, a tool that allows organizations to share data within and outside their environments.

The company said that it stopped the service, to prevent further unauthorized access, but confirmed that “some of the information entrusted to us by our customers was stolen,” without providing further information on the matter.

“The scope and cause of this incident are currently under investigation, and the operation of ProjectWEB has been suspended to prevent further unauthorized access,” Fujitsu said.

On Wednesday, Japan’s Ministry of Foreign Affairs announced that it was impacted by the incident, saying that study material was stolen, and that some personally identifiable information might have been affected as well.

The ministry notes that the affected individuals were informed of the data leak and that the study information doesn’t impact its systems or operations.

Also on Wednesday, the Ministry of Land, Infrastructure, Transport and Tourism said that approximately 76,000 email addresses of individuals both within and outside the ministry were likely compromised in the incident.

“No unauthorized access has been confirmed to the ministry’s system,” the ministry said, adding that it experienced no interruptions as result of the data leak. The ministry also revealed plans to contact the individuals whose email addresses were compromised.

Related: City of Chicago Hit by Data Breach at Law Firm Jones Day

Related: Cybercriminals Publish Data Stolen From Shell, Universities

Related: Belden Says Health-Related Information Exposed in Data Breach

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.

Register

Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Vulnerabilities

Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.

Cybercrime

No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Cloud Security

Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft’s ‘verified publisher’ status.