A 4GB worth of stolen data allegedly from Fujitsu was posted last August by a popular cybercrime marketplace known as Marketo. When the group was marketing the stolen data that they claim to be from Fujitsu, the company said that they were actually investigating a potential attack. They added that the source of this possible attack is unknown. Meanwhile, the attacker group Marketo said that they have Fujitsu’s customer information, budget and company data, reports, documents, and some project information.
On September 10, Fujitsu and Marketo have confirmed that the stolen data is not linked to Fujitsu but towards one of its affiliate firms. A spokesperson from Fujitsu has verified that there has been an investigation about the issue revealing that the 4GB worth of stolen data was not from their company’s system. Additionally, the actors from Marketo have reformed their marketing method following the confirmation.
The spokesperson also added that they have conducted a profound review about the incident knowing that Marketo has initially claimed that the uploaded data is related to the relationship of Fujitsu and its customer situated in Japan. Fujitsu expressed that the company will no longer comment on the incident since there have been absences of solid evidence that links them to the breach and that they are in no position to speculate further as well. Eventually, Marketo stated that the stolen data was from Toray Industries, a manufacturing firm from Japan.
Last August this year, Marketo provided an evidence package worth 24.5M which has screenshots of data linked to Toray Industries. The public primarily thought that the data was from Fujitsu, which has led to the previous speculations. Even though the marketplace has changed its original statement and the description of the advertisement now focuses on Toray Industries, they are still using the logo of Fujitsu in selling the data on their platform.
In conclusion, many cybersecurity experts highlighted the unreliability of criminal marketplaces.
ProjectWEB of Fujitsu led to data breaches amongst government agencies in Japan
ProjectWEB information sharing tool of Fujitsu has led to multiple breaches in many government agencies located in Japan last May this year. As reported by the company, the attackers have effectively gained illegal access to government projects that worked with ProjectWEB. As per researchers, it is still unknown if the breach is due to vulnerability or if the attack is targeted.
According to the announcement of the National Cyber Security Center in Japan, the breach has been due to Fujitsu’s sharing tool called ProjectWEB – a statement that as well backed by Fujitsu themselves saying that the hackers have obtained contact to all of its projects that operated on the said tool.
The hackers could steal over 76,000 worth of email addresses and proprietary information after effectively breaching the government systems.