2020 has been an intense year in terms of cybersecurity issues, with a wide gamut of cybercrime events ranging from heavy-hitting ransomware attacks to malicious phishing infiltrations. The intensity of cybercrime events continues to spiral upwards, especially so with the end of the year coming soon, bringing with it data breaches galore.
There is currently an ongoing investigation over yet another data breach this year, this time at Kawasaki Heavy Industries Ltd. Kawasaki Heavy Industries Ltd. (Kawasaki Heavy) is a 124-year-old multinational corporation employing more than 30,000 people, located in Kobe, Japan. The corporation is a global giant in heavy industrial manufacturing.
Data Breaches Were Detected in June
According to information from Kawasaki Heavy, data breaches were taking place as far back as June this year (update March 2022: article no longer available on source’s website). They were discovered during a system audit and were pinpointed as belonging to a server in Thailand. During this investigation process by the industry giant, it was also concluded that this was not the only, or the first breach to affect them. According to further information, data breaches were even affecting the company since September 2019.
It was confirmed by the company that the unauthorized breach included the theft of administrator passwords and identification credentials. More analysis provided details of the hacking potentially targeting defense-related information. The connection could potentially be to do with the Defense Ministry because the company is a contractor for the government.
The investigation around the Kawasaki Heavy data breach is still ongoing, and they have divulged an official report about the issue in the meantime. More details reveal that some information from “overseas offices may have been leaked to external parties.” The report continues with the information that it has taken a long time to formally announce the incident because the scope of the breach “spanned multiple domestic and overseas offices”.
Further information reveals that not only the server in Thailand was in question, but overseas sites in the United States, Philippines, and Indonesia were discovered as well. Kawasaki Heavy has stated that, due to the unfolding events, they have now consolidated monitoring operations for overseas offices and are continuing to make access restrictions extremely strict.
The company also expanded on details on what measures they have taken into account for this issue. They have outlined that the ‘Kawasaki special project team’ has contacted an independent security company, and have in the meantime been applying countermeasures together. The investigation also showed that data may have been leaked to third parties. In the meantime, Kawasaki Heavy is contacting all customers potentially affected by the breach.
Kawasaki Heavy has confirmed that the breach in question was done without leaving a trace, which pointed to very sophisticated technology. Because the company does handle large amounts of sensitive data such as social infrastructure-related information and personal data, they have stated that information security measures are a ‘top priority’. Further reports on the exact types and amount of data that have been leaked have not been published for the time being.
Just like all other high-tier breaches this year, the protocol is that the business that has been breached terminates data leakage, and applies rigorous monitoring and access control which Kawasaki Heavy is currently implementing.