Tag Archive for: customer

Fujitsu Confirms Hackers Stole Customer Data

/in


Fujitsu has officially confirmed in a blog post that malware has been detected in its systems. Hackers could have stolen personal and customer information.

The confirmation was reportedly made late last week. The Japanese tech giant said a significant cybersecurity breach exposed systems and data, including sensitive client information. 

Fujitsu claims that after establishing the malware’s existence, it quickly separated the impacted business systems and took action, including surveilling additional company PCs. 

Japan's Second Quantum Computer Successfully Developed by Fujitsu, Riken

(Photo: KAZUHIRO NOGI/AFP via Getty Images)  Japan’s second quantum computer has been successfully developed. Fujitsu and research institute Riken are at the forefront of the latest technological advancement.

Although the company claims to have not received any reports of customer data being misused, Fujitsu pointed out that the company has reported the event to the Personal Information Protection Commission and is currently creating individual notices for the affected consumers.

Fujitsu is reportedly the sixth-largest provider of IT services in the world. Its portfolio consists of software, hardware for telecommunications, cloud solutions, system integration, IT consulting services, and computing devices, including servers and storage systems.

Read Also: Japan’s Second Quantum Computer Successfully Developed by Fujitsu, Riken

Fujitsu Data Breaches

The malware notification follows a hack into several Japanese government agencies’ offices in May 2021. Thanks to an exploit of Fujitsu’s ProjectWEB information-sharing technology, the hack gave rise to the unlawful access and subsequent theft of 76,000 email addresses and confidential information.

The stolen materials were among the sensitive data from government networks and perhaps air traffic control information from Narita International Airport.

Despite these Fujitsu data breaches, the company has proven to remain a global player in the tech industry, for better and for worse, most notably in the United Kingdom, wherein it reportedly became the epicenter of the “Post Office Scandal.”

More than 900 sub-postmasters were falsely convicted due to flaws in Fujitsu’s…

Source…

Fujitsu hack raises questions, after firm confirms customer data breach • Graham Cluley

/in


Fujitsu hack raises questions, after firm confirms customer data breachFujitsu hack raises questions, after firm confirms customer data breach

Fujitsu has warned that cybercriminals may have stolen files with personal and customer data after it discovering malware on its computer systems.

The firm at the center of the British Post Office scandal, said in a Japanese press release that it had discovered the presence of malware on its computers, the potential theft of customer data, and apologised for any concern or inconvenience caused.

Fujitsu announcementFujitsu announcement
Announcement published on Fujitu’s Japanese website.

The press release (a Google-translated version can be read here), is somewhat scant on detail.

For instance:

  • Fujitsu doesn’t disclose the malware found, the number of affected computers, or the internal systems or databases accessed.
  • Fujitsu doesn’t specify the type of malware found – a remote access backdoor? ransomware? something else?
  • Fujitsu doesn’t share details about the stolen information, calling it “personal information and customer information.” For instance, does it include contact details, passwords, or payment information?
  • Fujitsu announced on Friday 15 March that it suffered a cyber attack, but didn’t specify when it was discovered or how long the hackers had access to its systems and data.

Fujitsu says it has reported the incident to regulators and will contact affected individuals and customers.

The company also says that it has not seen any reports of the potentially stolen information being misused. Statements like these are meant to reassure affected parties, but they don’t make you feel much more comfortable in reality.

An absence of evidence is not evidence of absence. How could a company ever confidently and honestly claim it has incontrovertible proof that exfiltrated data has not been exploited by malicious hackers and online fraudsters?

Sign up to our free newsletter.
Security news, advice, and tips.

In the past, there have been many incidents where data stolen in a hack has not immediately shown up, before appearing on the dark web months or even years later.

Source…

Roku Has More than 15,000 User Accounts Hacked, Stolen Data Sold for 50 Cents Per Customer on the Dark Web

/in


Hackers have stolen personal data, including credit-card authentication credentials, of 15,363 Roku users, with individual user account data selling for just 50 cents each on the Dark Web. 

Some Roku users were locked out of their accounts, with data thieves coopting them to make nefarious in-app purchases. 

Source…

Toyota Financial Services ransom attack exposes customer banking info

/in


Toyota Financial Services (TFS) says personal details, including bank account information, were compromised in last month’s ransomware attack claimed by the Medusa ransomware gang.

The European branch of the Japanese automaker’s vehicle financing and leasing subsidiary sent a notice, to affected individuals informing them of the exposure.

On December 5th, TFS has also announced the breach on its website and that “unauthorized persons had gained access to personal data.”

“As announced on November 16th, Toyota Financial Services Europe & Africa has detected unauthorized activity on systems at a limited number of locations, including Toyota Kreditbank GmbH in Germany,” the post stated, translated from German.


TFS handles auto loans, leases, and other financial services to Toyota customers in every continent.

Toyota Deutschland GmbH is an affiliated company held by Toyota Motor Europe (TME) in Brussels, Belgium and located in Köln (Cologne).

The breach notification letter, also sent in German,
 explains that certain TKG files were accessed during the attack.

Toyota Financial Services breach notice

At this time, TFS can confirm the compromised information of those affected includes first and last names, as well as their residential postal code.

Other contract information that may have been exposed includes “contract amount, possible dunning status, and your IBAN (International Bank Account Number),” the letter stated.

“We regret any inconvenience this may have caused to customers and business partners,” TFS wrote.

“It’s not clear how the attackers initially gained access to Toyota’s systems, but with unauthorized access being detected, this could indicate stolen credentials were involved,” said CEO of My1Login Mike Newman.

Data frequently reveals that phishing and credential theft are two of the most common attack vectors used to deploy ransomware, Newman explained.

Newman said the incident is yet another example of “how criminals hold all the power when it comes to ransomware,” adding that for groups like Medusa, the money-making opportunities are endless.

“It doesn’t matter if the organization pays the ransom demand, attackers always have the upper hand as they can still…

Source…