Mitsubishi Electric Corp. was hit by a new cyberattack

Mitsubishi Electric Corp. was hit by a new cyber attack that may have caused the leakage of information related to its business partners.

Mitsubishi Electric Corp. was hit again by a massive cyberattack that may have caused the leakage of information related to its business partners.

“Company officials on Nov. 20 said they were checking the 8,653 accounts of those it has business transactions with to determine if information related to bank accounts of the other parties as well as other information leaked.” reads a post published on the Asahi Shimbun website.

Mitsubishi Electric continues to be the target of hackers, in 2018, an alleged China-linked cyber espionage group compromised the servers at the company by exploiting a zero-day vulnerability in Trend Micro OfficeScan. The breach was detected almost eight months ago, on June 28, 2019, with the delay being attributed to the increased complexity of the investigation caused by the attackers deleting activity logs.

The intrusion took place on June 28, 2019, and the company launched an investigation in September 2019. Mitsubishi Electric disclosed the security incident only after two local newspapers, the Asahi Shimbun and Nikkei, reported the security breach. Highly confidential information belonging to organizations in the defense sector, railways and electric power supply was apparently stolen.

The two media outlets attribute the cyber attack to a China-linked cyber espionage group tracked as Tick (aka Bronze Butler).

The hacker group has been targeting Japanese heavy industry, manufacturing and international relations at least since 2012,

According to the experts, the group is linked to the People’s Republic of China and is focused on exfiltrating confidential data.

After the attack, the company installed an improved defense system to prevent attacks in the future, the company also created a new department reporting directly to the company president to implement new cybersecurity measures.

According to local media, the latest cyber attack was likely orchestrated by an APT group because of the major role of Mitsubishi Electric in supporting Japan’s national security and infrastructure.

Mitsubishi Electric confirmed that information linked to thousands of bank accounts has been leaked after a cloud storage system operated by a contractor was breached by hackers.

The company confirmed that the incident took place on Monday and that 8,635 bank accounts held by business partners have been compromised. Data exposed after the incident data includes names, addresses, and phone numbers of account holders.

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, malware)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.