Fujitsu Data Breach: No Ransomware, But Info Leaked
In March 2024, Fujitsu detected malware infections in several of its systems, raising concerns about potential compromises of sensitive customer information.
Samiksha Jain July 10, 2024
Share on LinkedInShare on Twitter
Fujitsu, the renowned Japanese tech giant, has confirmed a data breach that compromised personal and business information of some individuals and customers. The Fujitsu data breach, discovered earlier this year, did not involve ransomware but utilized sophisticated mechanisms to evade detection while exfiltrating sensitive details.
“We would like to inform you of the results of our investigation into the possible leak of personal information, which we announced on March 15, 2024, and the measures that have already been implemented. Customers affected by this incident have already been notified individually,” reads the company’s official statement.
In March 2024, Fujitsu detected malware infections in several of its systems, raising concerns about potential compromises of sensitive customer information. The company promptly initiated a comprehensive investigation, in collaboration with an external specialist research firm, to identify the scope and cause of the Fujitsu data breach. The investigation included a thorough analysis of log information and interviews with internal personnel. Here is what the investigation revealed:
Fujitsu Data Breach: Malware Behavior and Scope of Impact
The Fujitsu data breach investigation revealed that the malware was installed on one of Fujitsu’s business computers and subsequently spread to other work computers within the company’s internal network in Japan. This malware, unlike ransomware, employed advanced techniques to disguise itself and evade detection. Despite its sophistication, the investigation confirmed that the number of infected work computers and those affected by executed copying commands did not exceed the initially detected 49 computers.
“After malware was installed on one of our company’s business computers, it was confirmed that the malware’s behavior spread from that computer to other business computers. This malware was not ransomware, but rather a type of attack that used advanced techniques, such as disguising itself in various ways to make it difficult to detect, making it extremely difficult to detect,” informed Fujitsu Team.
Importantly, these compromised computers were not involved in managing Fujitsu’s cloud services, and no traces of access to customer-provided services were found. Therefore, it was determined that the impact did not extend beyond the company’s internal network to customer environments.
Scope of Information Leak in Fujitsu Data Breach
Further examination of Fujitsu’s communication and operation logs revealed that the malware executed commands to copy certain files. These files contained personal information of some individuals and business-related information of customers. Although there have been no reports of misuse of the compromised information, Fujitsu has proactively notified the affected customers and is taking necessary measures to mitigate any potential risks.
“The files that were able to be copied contained personal information of some individuals and information related to the business of customers, and we have reported this to the affected customers individually and are taking the necessary measures. At this time, we have not received any reports that personal information or information related to customers’ business has been misused,” the Fujitsu team informed further.
So What Measures Fujitsu Is Taking
Fujitsu has implemented several measures to address the breach and enhance its information security:
- Isolation and Initialization: Upon detecting suspicious behavior, all business PCs suspected of being affected were isolated from the company network and initialized to prevent further spread of the malware.
- Blocking External Connections: Connections to external servers used by the attackers as sources of intrusion were blocked to cut off the malware’s communication channels.
- Enhanced Security Monitoring: The characteristics of the malware’s attack method were identified and incorporated into security monitoring rules for all business PCs within the company. Additionally, virus detection software was enhanced and updated to improve its effectiveness against such sophisticated threats.
Fujitsu has assured its customers that it is committed to further strengthening its information security measures to prevent similar incidents in the future.
Fujitsu extends its deepest apologies to all individuals and customers affected by this incident. “We would like to offer our deepest apologies to all those involved for the great concern and inconvenience caused,” said Fujitsu.
The data breach at Fujitsu highlights the evolving nature of cyber threats and the importance of strong security measures. The company’s swift response and transparent communication demonstrate its dedication to maintaining trust and accountability in the face of cyber challenges.h
