Pierluigi Paganini March 18, 2024

Technology giant Fujitsu announced it had suffered a cyberattack that may have resulted in the theft of customer information.

Japanese technology giant Fujitsu on Friday announced it had suffered a malware attack, threat actors may have stolen personal and customer information.

The company revealed that multiple work computers were infected with malware, in response to the compromise the security staff disconnected impacted systems from the network. The company launched an investigation into the incident and discovered that threat actors may have exfiltrated files containing personal and customer information.

“We confirmed the presence of malware on multiple work computers at our company, and as a result of an internal investigation, we discovered that files containing personal information and customer information could be illegally taken out.” reads the notice published by the Japanese company.

“After confirming the presence of malware, we immediately disconnected the affected business computers and took measures such as strengthening monitoring of other business computers. Additionally, we are currently continuing to investigate the circumstances surrounding the malware’s intrusion and whether information has been leaked.”

The company is reporting the impacted individuals and has notified the Personal Information Protection Commission in anticipation of a data breach. The notice states that Fujitsu has not received any reports that personal information or information about its customers has been misused.

The investigation continues and the company hasn’t provided details about the attack, such as the malware that infected its computers.

It is also unclear which is the scope of the incident, how many individuals have been impacted and which information was accessed by the threat actors.

In May 2021, threat actors breached offices of multiple Japanese agencies after gaining access to projects using Fujitsu‘s ProjectWEB information-sharing tool.

ProjectWEB is a software-as-a-service (SaaS) platform for enterprise collaboration and file-sharing that was provided by Fujitsu

At the time, Fujitsu confirmed the security breach and revealed that the attackers had also stolen some customer data belonging to multiple government entities.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Fujitsu)