Mitsubishi Electric has been hacked. Internal networks and data exposed

Information security specialists reported a massive cyberattack against Mitsubishi Electric. Apparently, corporate networks were compromised, as were multiple details about government agencies and business partners of the company. This attack could have disastrous consequences, as Mitsubishi is a key player in Japan’s IT and defense infrastructure.

The information compromised during the incident consists mainly of email exchanges between senior executives of the company and the Ministry of Defense of Japan, as well as with the Regulatory Authority of the Nuclear Industry. Other details involved include documentation related to collaboration projects with other private companies, including infrastructure development plans for utilities, rail operation and car development.

At the moment, further details are unknown, although a source close to the incident states that any information deemed “highly sensitive” is completely safe. A few months ago, information security specialists detected suspicious activity on some devices connected to the company’s networks, based in Japan. After an internal investigation, Mitsubishi detected some unauthorized access to the administration of its headquarters. It is not yet clear whether there is any link between the two incidents.

Since the information security firm in charge of the case, it has been leaked that the investigation points to a group of cybercriminals of Chinese origin. It is even mentioned that Yoshihide Suga, a member of the Cabinet of Japan, has been notified of the incident. 

On the other hand, the company has issued a statement acknowledging the incident: “The leak of some company data including information about job applicants was detected, as well as data from some of our technological developments. We are able to confirm that confidential information about defense technology has not been compromised; we deeply regret the inconvenience.” 

Mitsubishi is one of the most important technology manufacturers in the field of defense and, according to the International Institute of Cyber Security (IICS), has also dabbled in the field of cybersecurity, although without yet achieving a role featured in that industry.