In a statement , Japanese tech giant Fujitsu attributed a Japanese government data breach earlier this year to its ProjectWEB tool.
In May, multiple government agencies — including the Ministry of Land, Infrastructure, Transport, and Tourism; the Cabinet Secretariat; and Narita Airport.
A Fujitsu spokesperson at the time confirmed to ZDNet’s Campbell Kwan that there wa
“unauthorized access to ProjectWEB, a collaboration and project management software, used for Japanese-based projects.” They suspended use of the tool and informed all impacted customers.
Fujitsu announced on Thursday that it hired a CISO in October and put in place “measures to prevent reoccurrence… under a new information security management and operating framework,” following an investigation.
The reason for the event, according to Fujitsu, is currently being verified by an internal committee as well as Japan’s National Center of Incident Readiness and Strategy for Cybersecurity (NISC), which will sign off on any further details about the incident.
Fujitsu intends to “create a new project information sharing platform that addresses the vulnerabilities presented by this incident with rigorous information security protections, including zero-trust principles, and will be moving project management responsibilities to the new tool,” according to the company.
The hack in May, according to Japanese news reports, exposed more than 75,000 emails from the Ministry of Land, Infrastructure, Transport, and Tourism. During the hack, data on business partners, employees, and the inner workings of government cybersecurity agencies, as well as information on Narita Airport, was seized.