The team logo
Daily Brief Changelog
v0.7

Article Details

Scrape Timestamp (UTC): 2024-07-09 19:37:34.473

Source: https://www.bleepingcomputer.com/news/security/fujitsu-confirms-customer-data-exposed-in-march-cyberattack/

Original Article Text

Click to Toggle View

Fujitsu confirms customer data exposed in March cyberattack. Fujitsu confirms that information related to some individuals and customers' business has been compromised during the data breach detected earlier this year. The Japanese tech giant states that the attack did not involve ransomware but relied on a sophisticated mechanism to evade detection while exfiltrating the details. In March, the company discovered that several of its systems had been infected with malware and noted the possibility of sensitive customer information being compromised. Fujitsu isolated the impacted computers and started an investigation with the help of external experts to determine the scope of the breach. Investigation results In a statement today, the company says that it has concluded the investigation into the incident and confirms that data was stolen by malware that pivoted from a single point of compromise to 49 computers. "After malware was placed on one of our business computers, it was observed spreading to other business computers," the company explains. "This malware is not ransomware but employs sophisticated techniques to disguise itself, making detection difficult. It was determined to be a highly advanced attack" - Fujitsu Fujitsu says the 49 infected computers were isolated immediately after the discovery of the attack and the malware was contained to the Japan-based network environment. The company says that "commands to copy files were executed due to the behavior of the malware." For this reason, Fujitsu notes that there is the possibility for the data to have been exfiltrated. "The files that were able to be copied contained personal information of some individuals and information related to the business of customers," the company explains. Fujitsu adds that it has not received any reports that the compromised data has been misused. Following the analysis of the malware and the incident, Fujitsu implemented security monitoring rules for all business computers in the company and updated the malware detection solution to prevent similar attacks.

Daily Brief Summary

DATA BREACH // Fujitsu Reports Data Compromise in Sophisticated Malware Attack

Fujitsu announced a data breach affecting customer and individual information due to a malware attack detected in March.

The breach stemmed from malware that spread across 49 computers in the company, starting from a single point of infection.

The malware used advanced techniques to evade detection and facilitate the unauthorized copying of sensitive data.

While not ransomware, the malware allowed the exfiltration of personal and business-related information from Fujitsu's network.

The company has completed its investigation with external experts and has isolated affected systems to contain the breach.

Fujitsu has implemented enhanced security measures and updated their malware detection systems to prevent future incidents.

No misuse of the compromised data has been reported as of the company's latest updates.