em360tech image

Fujitsu has confirmed that malware has been found on its work computers, raising concerns that customer data has been compromised.

Fujitsu is a Japanese technology company that offers a wide range of IT products, services, and solutions. They work across the tech industry, from computers and servers to cloud computing and artificial intelligence.

The Japanese firm has been hitting headlines since early this year due to its involvement in the post office scandal. Fijutsu's accounting software, used by British Post offices, was riddled with technical faults, including rounding errors, data corruption, and issues with synchronization between local and central databases.

These errors led to more than 700 Post Office branch managers being given criminal convictions after the software showed that money was missing from their shops. 

Fujitsu’s response to the latest cyber attack

In the latest update, released on March 15th, the company confirmed a new cyber attack had hit their work computers, depositing malware and potentially compromising customer data. Fujitsu has not yet confirmed the extent of the attack.

“We confirmed the presence of malware on several of our company's work computers, and as a result of an internal investigation, it was discovered that files containing personal information and customer information could be illegally taken out,” a translated version of the Japanese statement reads.

The firm goes on to reference the measures it has taken to address the issue, however they did not outline specific actions, simply stating that they ‘disconnected’ that affected computers.fujitsu cyber attack

“After confirming the presence of malware, we immediately disconnected the affected business computers and took measures such as strengthening monitoring of other business computers. Additionally, we are currently continuing to investigate the circumstances surrounding the malware's intrusion and whether information has been leaked.’ the company statement reads.

The translated letter then confirms that targeted customers will be contacted and the incident has been reported to the Personal Information Protection Commission. Fujitsu are unable to confirm if customer data has been misused and apologize to any affected parties. 

“In addition to reporting individually to the targeted individuals and customers, we have also reported to the Personal Information Protection Commission in anticipation of the possibility that personal information may have been leaked. To date, we have not received any reports that personal information or information about our customers has been misused. We deeply apologize for the great concern and inconvenience caused to everyone involved.” The statement concludes.

Why was Fujitsu targeted?

Large companies like Fujitsu are attractive targets for hackers because they often have valuable data and are seen as more vulnerable.

This includes the personal data on customers, employees, and partners. This data covers everything from names, addresses, social security numbers and credit card details. This sensitive data can be sold on for a high price.

Companies that are leaders in their fields also have valuable intellectual property (IP) such as trade secrets, patents, and product designs. Hackers can steal this IP and use it to develop their own products or sell it to competitors.