Japanese government suffers a data breach after Fujitsu hack

Fujitsu’s “ProjectWEB” information exchange technology was used to compromise multiple Japanese government entities.


Threat actors gained illegal access to ProjectWEB projects, according to Fujitsu, and stole some client data.


Companies and organizations can use Fujitsu’s ProjectWEB to share information internally, such as with project managers and stakeholders.


Attackers were able to obtain inside information using Fujitsu’s information-sharing mechanism, according to the Japanese Ministry of Land, Infrastructure, Transport and Tourism and the National Cyber Security Center (NISC).



  Cybersecurity, Fujitsu, Government, Supply-Chain Attack, Vulnerability, Security, InfoSec, Computer Security,fujitsu hack, fujitsu hacked, fujitsu data breach, fujitsu data leak, projectweb hacked, projectweb , projectweb fujitsu, fujitsu cyberattack,  Japanese Ministry of Foreign Affairs suffered a data breach, Computer Security, computers, cyber news, cyber security news, cyber security news today, cyber security updates, cyber updates, cyberattack, cyberattacks, cybersafe news, cybersecurity, data breach, data stealing malware, E-Commerce, fake malware, hacker news, hacking news, how to hack, information security, InfoSec, infosec news, linux, Mac, Malware, malware removal, network security, online security, personal data exposed, phishing attack, ransomware, ransomware attack, ransomware gang, ransomware group, ransomware malware, ransomware news, RCE, Remote Access Trojan, Remote Code Execution, rootkit, Security, smartphone, software vulnerability, spyware, Supply Chain, support, system update app, system update malware app, tech, tech news, tech support, tech updates, technical support, trojan, virus, virus removal, Vulnerability, what is ransomware, fujitsu attack, fujitsu hack,
Fujitsu ProjectWEB overview illustrating different use cases of the info-sharing tool



Attackers obtained at least 76,000 e-mail addresses and proprietary information, including the e-mail system settings, by gaining unauthorized access to government systems via ProjectWEB.


Approximately 7,800 projects were using the platform as of 2009.


External email addresses were among those disclosed, including those of members of the Council of Experts who had been individually notified.


According to a press report, Fujitsu attackers were able to acquire air traffic control data, aircraft plans, and commercial activities from Narita International Airport, which is located near Tokyo.


In addition, the Japanese Ministry of Foreign Affairs suffered a data breach, exposing some study materials to unauthorized actors.


As a result, the Cabinet Secretariat’s national cybersecurity center (NISC) issued various alerts warning government agencies and key infrastructure companies to check for evidence of unauthorized access and information leakage using Fujitsu’s technology.


While the scope and cause of this issue are being fully investigated, Fujitsu has paused its ProjectWEB interface.


It’s still unclear if the breach was caused by a vulnerability exploit or a targeted supply-chain attack, and the investigation is still underway.


Fujitsu said they’ll notify the appropriate authorities and work with its customers to figure out what caused the breach.


According to a Fujitsu spokesperson, the business is undertaking a comprehensive investigation into the event and is working closely with Japanese authorities.


They have suspended the usage of this technology as a precautionary measure, and have notified any clients who may be affected.


Also read: Bose Data Breach: suffered a major ransomware attack


You might also like: E-commerce giant Mercari data breach: several data exposed


You might also like: Domino’s data breach: Users’ data available on dark web


You might also like: Air India Data Breach: Over 4.5 millions customers’ data impacted