Japanese manufacturer Mitsubishi Electric has acknowledged its discovery last June of a data breach perpetrated by an unauthorized third party that accessed both personal employee information and corporate materials.
The public disclosure came amid multiple English and Japanese news sources publishing details on the incident [1, 2, 3, 4, 5], which experts believe may be the work of the Tick hacking group, also known as the suspected Chinese cyber espionage actor Bronze Butler.
According to reports, the malicious actor was privy to data corresponding to more than 8,000 current and former employees, as well as various job-seekers who applied for a position between 2011 and April 2020. This reportedly includes results from a 2012 survey about a human resources system, and data on 1,569 retirees who received severance pay sometime between between 2007 and 2019.
Compromised information may include names, birthdates, telephone numbers and places of work.
On the corporate client side, the hack reportedly exposed data belonging to over 10 government organizations and dozens of businesses, some of which work in the defense, energy, transportation and telecom sectors. Impacted government agencies include the Ministry of Defense, the Nuclear Regulatory Commission and the Agency for Natural Resources and Energy.
Mitsubishi claimed in a brief corporate statement that the accessed government materials did not involve "technical information or important information related to business partners," and that "no damage or impact related to this matter has been confirmed."
According to an Asahi Shinbum report, Mitsubishi detected the suspicious cyber activity at its at its Information Technology R&D Center in Kamakura, Kanagawa Prefecture. Further investigation revealed that more than 40 servers and more than 120 computer terminals located in Japan and overseas were affected.
The report says the attackers invaded Mitsubishi's network by initially compromising an affiliated company in China before and using that access to advance into the main company systems. Asahi further noted that the took place a short time before before Mitsubishi Electric started providing a cybersecurity service for public facilities and office buildings.