Fujitsu Blames Government Data Breach in Japan on Stolen ProjectWEB Accounts


Fujitsu revealed that attackers behind the data breach in May exploited a weakness in Fujitsu’s ProjectWEB information-sharing platform to hijack accounts from genuine users and access confidential data belonging to numerous Japanese government entities. During the ProjectWEB breach, the threat actors obtained access to at least 76,000 email accounts.

Following the attack, the Cabinet Secretariat’s national cybersecurity center (NISC) advised [12] government agencies and critical infrastructure companies to check for signs of illegal access or data leakage using Fujitsu’s ProjectWEB tool.

Today, the company said that its investigation into the incident found multiple security flaws that attackers may have used to obtain access to ProjectWEB accounts. An internal examination revealed that the attackers gained illegal access by hijacking real users’ ProjectWEB accounts, which allowed them to blend in and elude detection.

“One of these was used to illegitimately obtain legitimate IDs and passwords to make unauthorized access to ProjectWEB in such a way that it appeared like an authorized user was accessing the tool through normal channels of authentication and communication,” Fujitsu said.

“At present, the cause of this incident and our company’s response are additionally being verified by a committee comprised of external experts. In addition, from an objective and technical perspective, Fujitsu is consulting with the National center of Incident readiness and Strategy for Cybersecurity (NISC) to confirm the appropriateness of the investigation into the cause of this incident and the confirmation of the extent of impact of the incident. Based on the results of the verification by the external committee and advice from Japan’s NISC and other relevant authorities, Fujitsu will summarize this matter at an appropriate time.”

Following the breach’s discovery, the firm suspended and discontinued the ProjectWEB site, with plans to launch a new zero-trust project information sharing solution and transition users to it.

Since mid-December 2020, hundreds of client organizations, including banks, government agencies, and IT corporations, have been impacted by a hacking campaign targeting Accellion File Transfer Appliance (FTA).

Fujitsu is a global technology corporation headquartered in Japan that employs over 126,000 people in over 100 countries. Fujitsu reported $34 billion in consolidated revenue in the previous fiscal year.

About the author

CIM Team
