Japan continues to investigate a cyberattack which was disclosed by Mitsubishi Electric Corp. this January. The security breach might have exposed personal and confidential corporate data even though at that time it was claimed that attackers did not get sensitive information about defense contracts.
Mitsubishi revealed that personal data of around 8,000 people also might have been leaked.
The breach was detected last year, June and the delay was due to the increased complexity of the investigation caused by the attackers deleting activity logs.
The intrusion happened on June 28, 2019, and the company conducted an investigation in September 2019. Mitsubishi Electric revealed about the security incident after two local newspapers, the Asahi Shimbun and Nikkei, reported the security breach.
Mitsubishi Electric had also already notified members of the Japanese government and the Ministry of Defense.
Now, the authorities suspect that the data leak could have exposed details of a prototype of a cutting-edge high-speed gliding missile intended for deployment for the defense of Japan’s remote islands among China’s military activities in the region.
The ministry suspects the information might have been stolen from documents sent from several defense equipment makers as part of a bidding process for the project. Mitsubishi Electric did not win the bid.
Chief Cabinet Secretary Yoshihide Suga announced that the Defense Ministry is investigating the possible impact of the information leak on national security.
The Defense Ministry was working on a prototype of supersonic missile known as HGV, a technology also being studied by the U.S., China, and Russia.
The cyber-attack accredited to a China-linked cyber espionage group tracked as Tick (aka Bronze Butler). The hacker group were targeting Japanese heavy industry, manufacturing and international relations for several years.
According to the experts, the group is linked to the People’s Republic of China and is focused on collecting confidential data.