In a statement issued by the Japanese tech giant Fujitsu, they accepted the association of its ProjectWEB tool in a Japanese government data breach earlier this year.
In May, several government agencies, including the Cabinet Secretariat, Ministry of Infrastructure, Land, Transport, and Tourism, and Narita Airport, were hacked via this tool, and at least 76,000 email accounts were stolen during the breach, according to the National Cyber Security Center (NISC) of Japan.
Immediately after this breach, the Cabinet Secretariat’s national cybersecurity center (NISC) flagged the government organizations using the ProjectWEB tool to inspect for unauthorized access or any information or data leakage signs because such data breaches usually result in ransomware attacks.
Fujitsu pins Japanese govt data breach on stolen ProjectWEB accounts – @sergheihttps://t.co/rmdldL3Kpb
— BleepingComputer (@BleepinComputer) December 9, 2021
While speaking to ZDNet’s Campbell Kwan, at the time, Fujitsu spokesperson confirmed that there was indeed unauthorized access to the ProjectWEB tool, and it was used for Japanese-based projects. He further added that the use of the tool was immediately suspended, and all the impacted clients were informed.
Fujitsu to discontinue ProjectWEB tool after Japanese govt data breaches https://t.co/dSQfRFbc8t
— ZDNet (@ZDNet) December 10, 2021
After an investigation, Fujitsu confirmed on Thursday that it nominated a CISO in October and also arranged “measures to prevent reoccurrence… under a new information security management and operational framework.”
Today, the Japanese tech company made an official announcement that the investigation of the data breach allowed them to uncover various security vulnerabilities that the attackers could have leveraged to access the ProjectWEB tool. According to Fujitsu:
One of these was used to illegitimately obtain legitimate IDs and passwords to make unauthorized access to ProjectWEB in such a way that it appeared like an authorized user was accessing the tool through normal channels of authentication and communication. At present, the cause of this incident and our company’s response are additionally being verified by a committee comprised of external experts.
The company has suspended and discontinued Fujitsu’s ProjectWEB tool and is now preparing to resettle its clients to a new and secure tool. The company further said the following in this regard:
Fujitsu Limited will introduce a new project information sharing tool that addresses the issues raised by this incident with robust information security measures including those in line with zero-trust practices and will be migrating project management tasks to the new tool.
Amidst the cyberattacks on Japanese companies, tech giant Olympus was hit by a ransomware attack in September that targeted European, African, and Middle Eastern networks. Panasonic also disclosed a 6-month long data breach in their systems in November 2021.
