Mitsubishi Electric, one of the world’s largest electronics and electrical equipment manufacturing firms has disclosed a major security breach which occurred last year.
The breach happened on June 28, and an official internal investigation began in September. The company disclosed the security incident after two local newspapers, the Asahi Shimbun and Nikkei based in Tokyo published stories about the hack.
The Chinese-linked cyber-espionage group named Tick (or Bronze Butler) was blamed to be responsible for the intrusion. This group was known for targeting Japan over the past few years.
According to the local media reports, the intrusion was detected after Mitsubishi Electric staff found a suspicious file on one of the company’s servers which was later tracked to a compromised employee account.
The unauthorized access began with affiliates in China and spread to bases in Japan.
The hackers increased their access from this initial entry point to Mitsubishi Electric’s internal systems, gaining access to the networks of around 14 company departments, such as sales and the head administrative office.
It was reported that hackers stole sensitive data from the company’s internal network and that the criminals compromised “tens of PCs and servers in Japan and overseas,” from where they stole around 200 MB of files, mostly business documents.
Even though Mitsubishi Electric did not deny about the data exfiltration, they denied that the intruders stole data on its business partners and defense contracts.
The company stated that the investigation is going on but the attackers appeared to have deleted access logs, slowing down investigators.
In Japan, this incident is being treated with the maximum severity. Mitsubishi Electric is one of Japan’s biggest defense and infrastructure contractors, with active projects within the Japanese military, and also telecommunications, railways, and the electrical grid.
The company had also notified members of the Japanese government and Ministry of Defense regarding the breach.