Fujitsu, a leading Japanese technology company, identified malware infections in some of its systems and cautioned that customer data may have been compromised.

With a workforce of 124,000 and an annual revenue of $23.9 billion, Fujitsu ranks as the sixth-largest IT services provider globally. Its offerings encompass a wide array of computing products, software, telecommunications equipment, and services such as cloud solutions, system integration, and IT consulting.

The company boasts a robust global footprint, spanning across more than 100 countries. Additionally, it maintains diverse engagements with the Japanese government, participating in public sector initiatives, collaborating on government-funded research and development endeavours, and contributing to national security efforts. A recent post on the company’s news platform unveiled a significant cyber security breach, impacting systems and sensitive customer data.

In a notice dated March 15, the multinational technology corporation acknowledged the detection of malware on several company work computers. Following an internal probe, it was determined that files containing both personal and customer information were susceptible to unauthorized extraction. The announcement lacks details on the specific malware employed, the timing of the breach, or the extent and nature of the compromised data. Fujitsu did mention that, to date, no instances of customer information misuse have been reported.

Fujitsu refrained from specifying the type of personal information compromised or its affected parties, whether employees, corporate clients, or individuals using the company’s technologies through government channels.

 

Hackers Stolen Personal Information

After discovering the presence of malware, Fujitsu launched an extensive internal inquiry, uncovering the possibility of unauthorized access to files containing sensitive personal and customer data. The company responded swiftly by implementing robust security measures, such as isolating affected computers and enhancing network surveillance, to mitigate further data risks. Fujitsu is currently conducting a thorough investigation into the malware’s entry method and the extent of data exposure. As part of its proactive approach, Fujitsu has reached out to potentially affected individuals and customers to apprise them of the situation. Furthermore, Fujitsu has reported the potential breach to the Personal Information Protection Commission, demonstrating compliance with regulatory standards and a commitment to transparency.

In 2021, Fujitsu took ProjectWEB, the company’s enterprise software-as-a-service platform, offline following the discovery of a hack that breached multiple Japanese government agencies, including the Ministry of Land, Infrastructure, Transport, and Tourism; the Ministry of Foreign Affairs; and the Cabinet Secretariat. Japan’s Narita Airport was also affected.

The compromised data encompassed sensitive details from government systems and possibly air traffic control information from Narita International Airport. Findings from investigations carried out until December 2021 unveiled the exploitation of pilfered ProjectWEB credentials by hackers for the intrusion. Additionally, the inquiry unearthed numerous vulnerabilities within ProjectWEB, leading to its discontinuation and subsequent replacement with a new information-sharing platform bolstered by zero-trust security protocols.

Fujitsu representatives didn’t respond to requests for comment about last week’s breach disclosure. The company said it reported the incident to Japan’s data protection authority. “We deeply apologize for the great concern and inconvenience this has caused to everyone involved,” last week’s statement said.

Fujitsu says it will continue investigating how the malware found its way into business systems and what data it exfiltrated.

Though the firm says it has received no reports of the misuse of customer data, it has informed the Personal Information Protection Commission about the incident and is currently preparing individual notices for impacted customers. “To date, we have not received any reports that personal information or information about our customers has been misused,” the company says.

Remediation

• Patch and Update Systems: Apply security patches and updates to address vulnerabilities exploited by the malware and prevent future attacks.
• Implement Security Solutions: Deploy endpoint protection, intrusion detection and prevention systems, firewalls, and email security solutions to detect and block malware threats before they can execute.
• Containment: Employ network segmentation and access controls to prevent the malware from spreading further within the network.
• Educate Employees: Provide comprehensive training to employees on recognizing phishing emails, suspicious links, and other social engineering tactics used in malware attacks.
• Enable Email Security: Use email security solutions to filter and block malicious attachments and links, preventing malware from reaching end users through email.
• Harden Security Policies: Enforce strong password policies, implement multi-factor authentication, and restrict user privileges to minimize the attack surface and limit the impact of infections.