UPDATED 22:09 EDT / JANUARY 20 2020

mitsubishielectric SECURITY

Mitsubishi Electric discloses data breach that compromised business relationships

Mitsubishi Electric Corp. today disclosed a data breach that involved the theft of highly sensitive data, including correspondence and information on government agencies and business partners.

Although the Mitsubishi name may be best known in the West for its cars, Mitsubishi Electric is a separate division of the Mitsubishi Group of Companies that manufactures consumer electronics as well as semiconductors, defense equipment and nuclear reactors.

The hack is said to have taken place in June. Chinese hackers are believed to be behind the data theft. Mitsubishi Electric noted that no highly sensitive information pertaining to its intellectual property had been stolen.

According to a report from the Japan Times, data stolen included email exchanges between the company and the Japanese Defense Ministry and Nuclear Regulation Authority, as well as documents related to projects with firms such as utilities, railways and automakers. Personal data on more than 8,000 people, including current and former employees as well as job applicants, was also stolen.

The Japanese government, including the country’s nuclear regulator, have been informed of the breach.

“Unauthorized access is one of the most frequent cyberattack methods, encompassing 34% of all attacks, which is what happened to Mitsubishi Electric when malicious actors were able to steal 200 MB worth of files from the manufacturing giant’s internal systems,” Ben Goodman, senior vice president of global business and corporate development at digital identity firm ForgeRock Inc., told SiliconANGLE. “While the type of data breached is unclear, knowing that Mitsubishi Electric is a top contractor for Japan’s military and infrastructure, this breach is especially concerning.”

Enterprises and other organizations that regularly handle sensitive and confidential data must leverage “zero trust” security strategies, in which organizations by default don’t trust anyone, even those inside the network, he added. “By employing modern identity and access management tools that can prescribe contextual and continuous security, detect abnormal behavior and validate identity by prompting two-factor authentication or multifactor authentication, organizations can put extra layers between cybercriminals and their sensitive data,” he said.

Photo: Mitsubishi Electric

Since you’re here …

Show your support for our mission with our one-click subscription to our YouTube channel (below). The more subscribers we have, the more YouTube will suggest relevant enterprise and emerging technology content to you. Thanks!

Support our mission:    >>>>>>  SUBSCRIBE NOW >>>>>>  to our YouTube channel.

… We’d also like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.

If you like the reporting, video interviews and other ad-free content here, please take a moment to check out a sample of the video content supported by our sponsors, tweet your support, and keep coming back to SiliconANGLE.