Mitsubishi Electric, one of the world's largest manufacturers of electronics and electrical equipment, reported hacking and data leakage. Although the incident still occurred last year, on June 28, 2019, a formal internal investigation did not begin until September. And the details of what happened were revealed only this week, after two local newspapers, Asahi shimbun and Nikkei , published stories about what happened.
In both publications, the blame for the attack is placed on the Chinese cyber-espionage group Tick (aka Bronze Butler and REDBALDKNIGHT), known to experts for its attacks on Japanese companies and organizations over the past few years.
According to local media, the attack was discovered after employees of Mitsubishi Electric noticed a suspicious file on one of the company's servers. As it turned out later, the attackers hacked into the account of one of the employees in China, and then the attack spread to Japan. It is reported that from this initial entry point, attackers expanded their access to Mitsubishi Electric's internal systems, eventually gaining access to the networks of about 14 departments of the company, such as the sales department and the main administrative office.
Publications agree that hackers stole confidential data from the company's internal network. In particular, they hacked “dozens of computers and servers in Japan and abroad,” from where they stole approximately 200 MB of files (mainly business documents and information from job candidates).
In an issued official statement, Mitsubishi Electric does not deny The fact of data theft only emphasizes that the crackers did not receive any information about the company's business partners and defense contracts. So far, the company is still investigating the incident, but, apparently, the attackers swept their tracks by removing the logs, which slows down the work of investigators.