Security News > 2021 > May > Fujitsu pulls ProjectWEB tool offline after apparent supply chain attack sees Japanese infosec agency data stolen
A Fujitsu project management suite is causing red faces at the Japanese company's HQ after "Unauthorised access" resulted in data being stolen from government agencies, local reports say.
The firm's ProjectWEB tool was reportedly accessed by an unidentified "Third party" who helped themself to data from, among others, Japan's Ministry of Foreign Affairs, its Cabinet Office Cyber Security Centre and the Ministry of Land.
Fujitsu has shut down ProjectWEB and pulled it offline.
The Japan Broadcasting Association, the local equivalent of the BBC, reported that on 20 May data was stolen through a ProjectWEB deployment used in Tokyo Narita airport, the capital's main international hub.
"Oz Alashe, chief exec of behavioural security platform CybSafe, commented:"The attack on these Japanese government agencies is a stark reminder of the cyber risks posed by the supply chain.
Securing their own networks, data and users is a challenge in itself for organisations, and the threat of data loss and compromise via third parties in the supply chain adds a new layer of complexity to the equation.
News URL
Related news
- LottieFiles hit in npm supply chain attack targeting users' crypto (source)
- LottieFiles hacked in supply chain attack to steal users’ crypto (source)
- LottieFiles supply chain attack exposes users to malicious crypto wallet drainer (source)
- Blue Yonder ransomware attack disrupts grocery store supply chain (source)
- OpenWrt orders router firmware updates after supply chain attack scare (source)
- Update your OpenWrt router! Security issue made supply chain attack possible (source)
- Ultralytics Supply-Chain Attack (source)
- 390,000 WordPress accounts stolen from hackers in supply chain attack (source)
- Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack (source)