Mitsubishi Electric Corp. was hit again by a massive cyberattack that may have caused the leakage of information related to its business partners.
“Company officials on Nov. 20 said they were checking the 8,653 accounts of those it has business transactions with to determine if information related to bank accounts of the other parties as well as other information leaked.” reads a post published on the Asahi Shimbun website.
Mitsubishi Electric continues to be the target of hackers, in 2018, an alleged China-linked cyber espionage group compromised the servers at the company by exploiting a zero-day vulnerability in Trend Micro OfficeScan. The breach was detected almost eight months ago, on June 28, 2019, with the delay being attributed to the increased complexity of the investigation caused by the attackers deleting activity logs.
The intrusion took place on June 28, 2019, and the company launched an investigation in September 2019. Mitsubishi Electric disclosed the security incident only after two local newspapers, the Asahi Shimbun and Nikkei, reported the security breach. Highly confidential information belonging to organizations in the defense sector, railways and electric power supply was apparently stolen.
The hacker group has been targeting Japanese heavy industry, manufacturing and international relations at least since 2012,
According to the experts, the group is linked to the People’s Republic of China and is focused on exfiltrating confidential data.
After the attack, the company installed an improved defense system to prevent attacks in the future, the company also created a new department reporting directly to the company president to implement new cybersecurity measures.
According to local media, the latest cyber attack was likely orchestrated by an APT group because of the major role of Mitsubishi Electric in supporting Japan’s national security and infrastructure.
Mitsubishi Electric confirmed that information linked to thousands of bank accounts has been leaked after a cloud storage system operated by a contractor was breached by hackers.
The company confirmed that the incident took place on Monday and that 8,635 bank accounts held by business partners have been compromised. Data exposed after the incident data includes names, addresses, and phone numbers of account holders.
(SecurityAffairs – hacking, malware)