Hackers Accessed Fujitsu’s ProjectWEB Used by Japanese Government
Last updated May 18, 2024
- An unknown group of hackers has gained unauthorized access to Fujitsu ProjectWEB, stealing sensitive data from its users.
- The particular SaaS is deployed in various Japanese ministries and also key corporate entities in the country.
- At least 76,000 email addresses have been stolen, and air traffic control data from the Narita Airport has been exfiltrated.
A massive security incident took place in Japan, as hackers managed to access Fujitsu’s ProjectWEB software, which is widely used by various Japanese government agencies and several key private firms. ProjectWEB is a complete SaaS (software as a service) solution that offers project management, security check tools, quality assurance, revision management, and progress monitoring tools, so it’s central to the operations of the entities deploying it in their environment. As such, the impact of the incident goes deep and wide.
According to the first reports that come from the country, several things have already been confirmed as compromised. Here are three key confirmations of a ProjectWEB-related breach.
- At least 76,000 email addresses of employees and business partners of the Ministry of Infrastructure, Transportation, Land, and Tourism, along with internal mail and internet settings.
- The cybersecurity center has also reported that information from several of its offices has been exfiltrated.
- The Narita Airport east of Tokyo has confirmed the stealing of air traffic control data.
Along with the confirmations of the breach came one positive investigation report from Chief Cabinet Secretary Katsunobu Katō, who told the press that the cabinet’s systems were not compromised and their operations have not been impacted.
Fujitsu has suspended the services of its SaaS platform to investigate the scope of the attacks and develop a comprehensive clean-up plan. As the firm mentions in the relevant announcement, they will cooperate with the compromised customers to move the investigation forward as quickly as possible and will provide whatever support they can to the affected victims.
Right now, there’s no word about who could be behind the attack, but recently, the Japanese authorities openly accused Chinese state-supported hackers of persistent targeting. The Chinese government refuted these claims as baseless and politically motivated, but the Japanese maintained their stance.
Related
Get expert insights on threats, breaches, scams, and security trends — delivered every Monday.
Most Popular
Get expert insights on threats, breaches, scams, and security trends — delivered every Monday.
Most Popular