Kawasaki Heavy Industries Ltd. discovered a data breach last June that may have occurred the previous September, company officials said Monday.

Kawasaki Heavy said it found fraudulent server access via a company unit in Thailand during a system audit on June 11 this year, and confirmed the possibility of data breach. The administrator identification and password of the company’s domestic system had been stolen, Kawasaki Heavy said.

“As a result of a thorough investigation, the company has discovered that some information from overseas offices may have been leaked to external parties,” Kawasaki said in a statement published Monday. “At this time, the company has found no evidence of leaking information to the external network.”

“Because Kawasaki handles important sensitive information such as personal information and social infrastructure-related information, information security measures have been a top priority for the company. However, the unauthorized access in questions had been carried out with advanced technology that did not leave a trace,” the company said in its statement.

Fraudulent access from outside the company started in September 2019, at the latest, according to the company.

Schneider Bold

An investigation by Kawasaki Heavy also detected illegal access via company bases in Indonesia, the Philippines and the United States, officials said.

When Kawasaki discovered the unauthorized parties accessed a server in Japan from an office in Thailand on June 11, all communication stopped between the two sites after they made the discovery.

“However, other unauthorized accesses to servers in Japan from other overseas sites (Indonesia, the Philippines, and the United States) were subsequently discovered,” Kawasaki said.

Kawasaki Heavy said it has already strengthened its information security measures.

“We have therefore enhanced monitoring operations to accesses from overseas offices and tightened access restrictions to block unauthorized accesses.”

Communication channels ended up restored November 30 after implementing network communication restrictions, running a security audit of roughly 30,000 terminals on the company’s Japan and Thailand networks, and confirming no unauthorized connections to the Japanese servers after August.

“We deeply apologize for causing troubles and worries,” Kawasaki Heavy said in a statement.

Kawasaki Heavy Industries is a Japanese multinational corporation with over 35,000 employees, active in the heavy equipment, rolling stock, automotive, aerospace, and defense industries.


Pin It on Pinterest

Share This