July 10, 2024 at 09:58AM
Fujitsu Japan confirmed an “advanced” malware strain, not ransomware, was responsible for a March data theft affecting individuals with personal and customer information. Despite isolating infected machines and enhancing monitoring, the company didn’t disclose the scale but notified affected individuals. It aims to further bolster information security following the incident.
From the meeting notes, it is clear that Fujitsu Japan experienced a serious data theft incident caused by an unspecified “advanced” malware strain. Although the company initially downplayed the likelihood of a data theft, it has now confirmed that personal information and data related to their customers were illegally copied. Fujitsu has taken measures to isolate infected machines from the network and has reported the incident to the affected customers individually as required by Japan’s data protection laws.
It is also indicated that the incident has been reported to Japan’s Personal Information Protection Commission (PPC) due to the nature of the attack and the potential misuse of stolen data. Fujitsu is committed to strengthening its information security measures in response to this incident.
The company has not disclosed the scale of the data theft but has affirmed that it is not aware of any stolen data being misused by malicious parties. Despite the malware not being ransomware, it utilized advanced techniques to disguise itself and spread within Fujitsu’s internal Japan network.
In summary, Fujitsu Japan has acknowledged the severity of the incident, apologized for the concern and inconvenience caused, and has committed to improving its information security in response to the data theft caused by the advanced malware strain.