Mitsubishi breached by suspected Chinese hackers

The electronics giant is one of Japan’s key defence and infrastructure contractors

Japanese electronics and manufacturing titan Mitsubishi announced it has detected evidence of a cyber attack in which attackers allegedly stole around 200MB of internal business documents from a number of PCs and servers.

The attack took place more than six months ago on 28 June last year, according to a short statement posted to the company’s website, and involved the theft of personal information and confidential corporate data.

Concerns have been raised as to the consequences of the attack, due to Mitsubishi’s close ties to the Japanese government. The company holds a number of key contracts within Japan’s national infrastructure and defence sectors, but Mitsubishi has denied that any sensitive information relating to these areas was leaked.

According to Japan’s Nikkei newspaper, sources involved in the investigation into the breach suggest that ‘Tick’ - a hacking group with suspected links to China that has attacked a series of Japanese defence, satellite and aerospace companies - may be behind the attack. 

Related Resource

How targeted simulations differ from penetration tests and vulnerability scanning

Stay one step ahead of cyber attackers

Download now

The attack on Mitsubishi’s network has been traced back to a single compromised account belonging to an employee of one of the company’s China-based affiliates, according to Japan’s Asahi Shimbun newspaper, which was then used to infiltrate the internal networks and compromise machines belonging to a number of middle managers throughout various divisions.

Along with the data stolen as part of the initial breach, the attack could be used to launch supply-chain attacks against Mitsubishi’s corporate customers and partners; a tactic that has become increasingly popular in recent years.

Mitsubishi has apologised for the inconvenience caused to anyone affected by the incident.

Featured Resources

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Evaluate your order-to-cash process

15 recommended metrics to benchmark your O2C operations

Download now

AI 360: Hold, fold, or double down?

How AI can benefit your business

Download now

Getting started with Azure Red Hat OpenShift

A developer’s guide to improving application building and deployment capabilities

Download now

Recommended

Global ransom DDoS extortionists are retargeting companies
distributed denial of service (DDOS)

Global ransom DDoS extortionists are retargeting companies

22 Jan 2021
BEC scammers are using Google Forms to identify easy victims
phishing

BEC scammers are using Google Forms to identify easy victims

21 Jan 2021
FBI warns of ongoing corporate vishing attacks
phishing

FBI warns of ongoing corporate vishing attacks

19 Jan 2021
Hackers using COVID vaccine as a lure to spread malware
hacking

Hackers using COVID vaccine as a lure to spread malware

15 Jan 2021

Most Popular

School laptops sent by government arrive loaded with malware
malware

School laptops sent by government arrive loaded with malware

21 Jan 2021
How to move Windows 10 from your old hard drive to SSD
operating systems

How to move Windows 10 from your old hard drive to SSD

21 Jan 2021
How to recover deleted emails in Gmail
email delivery

How to recover deleted emails in Gmail

6 Jan 2021