Kawasaki Heavy Industries Corp. affected by Hacking and Data Leakage

Japanese giant Kawasaki Heavy Industries, which operates in the heavy equipment manufacturing, automotive, aerospace and defence industries, reported about an attack and possible data leakage as third parties gained unauthorized access to the company’s server from several of its overseas offices.

“As a result of a thorough investigation, the company discovered that third parties could have obtained some information from overseas offices. Although currently the company has not found any evidence of information leakage to the outside,” says the official statement.

It is reported that on June 11, 2020, unknown attackers gained access to a server in Japan from the company’s Thai office. Already after the discovery of this attack, other unauthorized connections to servers in Japan were identified, carried out between June 11 and July 8 from other countries, including Indonesia, the Philippines and the United States.

Tokyo-headquartered Kawasaki said that entry to its servers “had been carried out with advanced technology that did not leave a trace”.

As a result, the company was forced to temporarily stop all communication between these locations. Communication was restored only on November 30, 2020, after the imposition of restrictive measures, an audit of approximately 30,000 machines in the company’s networks in Japan and Thailand, and the final confirmation that there were no unauthorized connections to Japanese servers after August 2020.The administrator identification and password of the company’s domestic system had been stolen, Kawasaki Heavy said.

Kawasaki now closely monitors all network communications between corporate offices, and a team of cybersecurity experts are working to strengthen protection so to prevent occurrence of similar breaches in the future.

“Following confirmation of unauthorized access, a dedicated Kawasaki team working with an independent third-party information security firm investigated and implemented countermeasures. The investigation has confirmed that there is a possibility of transferring information of unknown content to a third party. However, we still have not found any evidence of data leakage, including personal, to third parties”, – said corporation representatives.

Let me remind you that Hackers leaked data from Pakistani energy company K-Electric and that MGM Hotel Chain Underreported Scale of the Recent Data Leak.