Fujitsu confirms that information related to some individuals and customers’ business has been compromised during the data breach detected earlier this year.
The Japanese tech giant states that the attack did not involve ransomware but relied on a sophisticated mechanism to evade detection while exfiltrating data.
In March, the company discovered that several of its systems had been infected with malware and noted the possibility of sensitive customer information being compromised.
Fujitsu isolated the impacted computers and started an investigation with the help of external experts to determine the scope of the breach.
Investigation results
In a statement today, the company says that it has concluded the investigation into the incident and confirms that data was stolen by malware that pivoted from a single point of compromise to 49 computers.
“After malware was placed on one of our business computers, it was observed spreading to other business computers,” the company explains.
“This malware is not ransomware but employs sophisticated techniques to disguise itself, making detection difficult. It was determined to be a highly advanced attack” – Fujitsu
Fujitsu says the 49 infected computers were isolated immediately after the discovery of the attack and the malware was contained to the Japan-based network environment.
The company says that “commands to copy files were executed due to the behavior of the malware.” For this reason, Fujitsu notes that there is the possibility for the data to have been exfiltrated.
“The files that were able to be copied contained personal information of some individuals and information related to the business of customers,” the company explains.
Fujitsu adds that it has not received any reports that the compromised data has been misused.
Following the analysis of the malware and the incident, Fujitsu implemented security monitoring rules for all business computers in the company and updated the malware detection solution to prevent similar attacks.
