Fujitsu’s ProjectWEB recently suffered a data breach. ProjectWEB is a tool created to enable companies and organizations to exchange information internally. By gaining unauthorized access to government systems via ProjectWEB, attackers were able to obtain at least 76,000 e-mail addresses and proprietary information, including the e-mail system settings, as confirmed by the Ministry of Land, Infrastructure, Transport, and Tourism.
The tool has been used heavily since 2009 on more than 7,800 projects, according to a document belonging to Fujitsu.
The Ministry of Land, Infrastructure, Transport and Tourism and the National Cyber Security Center (NISC) of Japan disclosed that attackers obtained inside information by gaining unauthorized access to projects that used ProjectWEB.
It looks like the attackers were able to access more than 76,000 email addresses, but it remains unknown at this time whether the breach resulted from the exploitation of a vulnerability or from a targeted supply-chain attack.
The exposed email addresses included some belonging to external parties, such as members of the Council of Experts, and the exposed data also included data belonging to Narita International Airport, located near Tokyo.
The airport was impacted as well: the attackers managed to steal air traffic control data, flight schedules, and business operations information.
Japan’s Ministry of Foreign Affairs also became one of the victims of the data breach, having some study materials exposed to unauthorized actors.
The details of this case are under investigation by the company, but the leaked information is a study material for the realization of digital government promoted by the Ministry of Foreign Affairs, and it is said that some related personally identifiable information is included. As a result of confirmation, the relevant person has already been contacted. In addition, this information is a study material for the future, and no impact on the system and operations of the Ministry of Foreign Affairs has been confirmed.
We have received a report that the project information sharing tool of Fujitsu Limited has already been stopped.
We are requesting the company to investigate the cause and thoroughly prevent a recurrence.
Fujitsu has suspended the ProjectWEB portal whilst the scope and cause of this incident are being fully investigated.
Fujitsu said it will notify the relevant authorities and work with its customers to identify the cause of the data breach.
Recently, some projects that use “Project WEB”, which is a tool for sharing information with related parties inside and outside the company when operating the project, have been illegally accessed by a third party and saved in the tool. It turned out that some of the information entrusted to us by our customers was stolen.
We deeply apologize for the great concern and inconvenience caused to all the parties involved in this case.
The scope and cause of this incident are currently under investigation, and the operation of “Project WEB” has been suspended to prevent further unauthorized access.
We will continue to work on investigating and analyzing the scope of impact and the causes of all projects that use “Project WEB” with the cooperation of our customers. We take this case very seriously and will continue to consult with the relevant authorities and make every effort to support the victims.
Journalists at BleepingComputer have reached out to Fujitsu with some specific questions related to the incident, and were told:
Fujitsu can confirm unauthorized access to ‘Project WEB,’ a collaboration & project management software, used for Japanese-based projects.
Fujitsu is currently conducting a thorough review of this incident, and we are in close consultation with the Japanese authorities. As a precautionary measure, we have suspended [the] use of this tool, and we have informed any potentially impacted customers.