Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

Fujitsu confirms March cyber attack not a ransomware incident, data exposed

Japanese tech giant Fujitsu has confirmed that the data breach that occurred back in March exposed some individual and customer data.

user icon Daniel Croft
Thu, 11 Jul 2024
Fujitsu confirms March cyber attack not a ransomware incident, data exposed
expand image

The incident was first detected in March last year but made public a year later, with the company issuing a notice on March 15 saying it had detected malware.

“We confirmed the presence of malware on several of our company’s work computers, and as a result of an internal investigation, it was discovered that files containing personal information and customer information could be illegally taken out,” the company said.

Now, in a 9 July press release by the company translated from Japanese, Fujitsu said that it detected that malware was installed on one of its business computers, which then spread to other devices.

============
============

“This malware was not ransomware, but rather a type of attack that used advanced techniques, such as disguising itself in various ways, making it extremely difficult to detect,” the company said.

"Following a comprehensive investigation, it was confirmed that the number of infected business PCs and the number of other devices where the copy instruction command was executed, and information was transferred, was no other than the 49 PCs initially detected. These devices were all used within Fujitsu’s internal network in Japan, and the investigation has not detected any impact on business PCs connected to network environments outside of Japan."

Fujitsu added that all the affected computers were on its internal network in Japan and has not confirmed if any devices outside Japan were affected.

Additionally, none of the affected devices were used for cloud management, and Fujitsu has determined that “the damage has not spread outside the company, including to customer environments”.

While Fujitsu did not specify what the stolen data was, it said that after investigating communications and operations logs, it noted that the malware executed commands to copy files, meaning some may have been exfiltrated.

“The files that were able to be copied contained personal information of some individuals and information related to the business of customers, and we have reported this to the affected customers individually and are taking the necessary measures.

“At this time, we have not received any reports that personal information or information related to customers’ business has been misused,” it said.

This incident is not Fujitsu’s first cyber security battle, with the company having suffered a data leak after a threat actor listed data pertaining to it online.

On 28 August 2021, Fujitsu discovered that a threat actor called Marketo had listed data associated with the tech giant on an online marketplace.

Despite the listing, it is currently unknown whether any data was actually leaked or sold or if Fujitsu suffered any material losses as a result.

A buyer for the data may never have been found, or the threat actor could have lied about the authenticity of the data.

Update: Fujitsu reached out to Cyber Daily to specify that the incident occurred in March 2023, but was made public a year later in March 2024.

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.