Japanese tech giant Fujitsu discovered that several of its systems were infected by malware and warns that the hackers stole customer data.
Fujitsu is the world's sixth largest IT services provider, employing 124,000 people and having an annual revenue of $23.9 billion.
Its portfolio includes computing products like servers and storage systems, software, telecommunications equipment, and a range of services, including cloud solutions, system integration, and IT consulting services.
The company has a strong presence in the global market, operating in over 100 countries.
It also maintains a multifaceted relationship with the Japanese government, undertaking public sector projects, getting involved in government-funded R&D projects, and playing a crucial role in the country's national security.
An announcement published late last week on the firm's news portal discloses a major cybersecurity incident that has compromised systems and data, including sensitive information of customers.
Fujitsu says it will continue investigating how the malware found its way into business systems and what data it exfiltrated.
Though the firm says it has received no reports of the misuse of customer data, it has informed the Personal Information Protection Commission about the incident and is currently preparing individual notices for impacted customers.
BleepingComputer has contacted Fujitsu to learn if the data breach affects corporate clients or consumers and to inquire about the number of impacted individuals/entities, but a comment wasn't immediately available.
In May 2021, Fujitsu's ProjectWEB information sharing tool was exploited to breach the offices of multiple Japanese government agencies, allowing unauthorized access and stealing of 76,000 email addresses and proprietary data.
The stolen data included sensitive information from government systems and potentially air traffic control data from the Narita International Airport.
Subsequent investigations concluded in December 2021 showed that hackers leveraged stolen ProjectWEB credentials to achieve the breach.
The investigation also revealed several vulnerabilities in ProjectWEB, which was discontinued and later replaced by a new information-sharing tool incorporating zero-trust security measures.
Bank of America warns customers of data breach after vendor hack.
Verizon insider data breach hits over 63,000 employees.
HPE investigates new breach after data for sale on hacking forum.
Trezor support site breach exposes personal data of 66,000 customers.
AT&T says leaked data of 70 million people is not from its systems.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Mon, 18 Mar 2024 14:05:11 +0000