Thursday, August 5, 2021

Kawasaki Heavy Industries reports data breach

Must Read

OAIC: Uber found to have interfered with the privacy of over 1.2 million Australians

The Office of the Australian Information Commissioner (OAIC) has determined that Uber Technologies, Inc. and Uber B.V. have interfered...

Nvidia releases security update for high-severity flaws affecting Windows, Linux devices

NVIDIA has released security updates to address six security vulnerabilities found in Windows and Linux GPU screen drivers, as...

DNSpooq allows attackers to poison DNS cache records

Network administrators have requested that they use the latest Dnsmasq updates to prevent new DNSpooq attacks. Security experts today revealed...

Kawasaki Heavy Industries, Ltd. announced that it was subject to unauthorized access from outside the company.

As a result of a thorough investigation, the company has discovered that some information from overseas offices may have been leaked to external parties.

The Japanese firm, which manufactures motorcycles, military aircraft, and industrial machinery, among many other products, said an internal audit back in June revealed that its domestic servers had been accessed via an overseas office in Thailand.

At this time, the company has found no evidence of leaking information to the external network.

However, because the scope of unauthorized access spanned multiple domestic and overseas offices, it took a considerable amount of time until the company can formally announce the incident.

We sincerely apologize for this delay and the inconvenience and concern to customers and other related parties.

It later discovered further unauthorized access via satellite offices in Indonesia, the Philippines, and the US.

Local media reported that the access started in September 2019 at the latest. The Japan Times also quoted Kawasaki as saying that administrator ID and passwords had been stolen as part of the incident.

Without a trace

Tokyo-headquartered Kawasaki said that entry to its servers “had been carried out with advanced technology that did not leave a trace”.

news release (PDF) issued yesterday (December 28) stated that an investigation revealed that information related to “unknown content” may have been leaked to a third party.

Kawasaki Heavy Industries reports data breach
Image:Kawasaki Heavy Industries
Kawasaki Heavy Industries reports data breach
Image:Kawasaki Heavy Industries

It is not yet clear what type of data was accessed, nor how big the leak was.

According to the Japan Times, the cyber-attack may have been launched to obtain “defense-related information”, although this has not been confirmed.

The abnormal activity was first detected in June, and Kawasaki’s press release details the steps the firm took in response, and their significant findings, including some clear statements about what they could not determine.

The administrator identification and password of the company’s domestic system had been stolen, Kawasaki Heavy said.

“Customers who may have been affected by this unauthorized access are being contacted individually.”

Kawasaki has also established an in-house cybersecurity team, which it says will “strengthen security measures, analyzing the latest unauthorized access methods, to prevent recurrence”.

Fraudulent access from outside the company started in September 2019, at the latest, according to the company

Priyanshu Vijayvargiya
Founder and Editor-in-Chief of 'Virtualattacks Inc' Priyanshu Vijayvargiya is a cybersecurity analyst, Information Security professional, developer, and a white hat hacker.


Please enter your comment!
Please enter your name here

Latest News

Everything about Signalling System 7(SS7)

Signaling System 7 (SS7) is an international telecommunication protocol standard that controls and regulates the network elements in a...

Zimbra flaw lets attackers access the mail servers

Researchers discovered a flaw in the open-source Zimbra code. As a result, an attacker would gain unrestricted access to all sent and received emails...

Apple Releases patches for an actively exploited zero-day flaw in ios, macOS

Apple on Monday Release an urgent security patch for iOS,macOS, iPadOS, to address a zero-day flaw that has been actively exploited. Apple has revealed that...

Microsoft Releases Mitigations For New PetitPotam NTLM Relay Attack

Microsoft releases mitigations and advisory For the New PetitPotam NTLM Relay Attack that abuses a remote access protocol called Encrypting File System Remote Protocol...

Brazil is creating a cyberattack response network

Brazil is creating a cyberattack response network to promote rapid response to cyber threats and vulnerability through coordination between federal government agencies. Created by a...

More Articles Like This