UPDATED 19:49 EST / NOVEMBER 29 2021

SECURITY

Panasonic data breach remained undetected for five months

Japanese conglomerate Panasonic Corp. has been hit by a data breach that remained undetected for nearly five months.

The company described the data breach in a Nov. 26 alert as unauthorized access to a file server that included some data on the server being accessed during the intrusion. The compromised server was detected on Nov. 11, but NHK reports that the breach involved unauthorized access starting June 22.

The information on the server included data related to the company’s technology and business partners as well as the personal information of employees. Panasonic has not confirmed exactly which data may have been stolen but is proceeding with the presumption that it has.

Panasonic has ticked the standard response boxes to a data breach as well — launched an investigation, hired a third-party company to investigate the breach and has contacted relevant authorities.

This is not the first time Panasonic has been targeted by hacking groups. The company’s operations in India were subjected to data theft and extortion in 2020. The data was stolen in October 2020 with a ransom of $500,000 demanded not to release the data. Panasonic did not pay up and the attackers subsequently released 4 gigabytes of company data in November.

The data stolen from Panasonic India included outstanding account balances with suppliers, bank account numbers, accounting spreadsheets, lists of passwords for sensitive software systems, email addresses and more. Although the potential data stolen in the new attack does not initially appear to be as extensive, the intent of those behind it is unknown: Is it corporate espionage or another extortion group?

“As is typical in these early-stage incident reports, there are many unknowns, particularly given the level of detail given in the initial disclosures,” Jake Williams, co-founder and chief technology officer at digital foreigners and incident response company BreachQuest Inc., told SiliconANGLE. “In this case, however, there are already red flags.”

Williams noted that NHK reported that internal network monitoring was the source of the incident detection, seemingly implying that the depth of intrusion is more than a misconfigured external server. “Taken at face value, this means that Panasonic likely has some work ahead to threat hunt in its network before fully understanding the scope of the compromise,” he said.

John Bambenek, principal threat hunter at security operations firm Netenrich Inc., highlighted the long time the breach took to be detected.

“While attacks on Japanese companies are continuing, the fact that the initial infection occurred in June and wasn’t detected until November demonstrates that companies are continuing to lag behind attackers,” Bambenek said. “Breaches need to be detected in hours, not months.”

Photo: Panasonic

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU