Japanese ICT firm Fujitsu has confirmed a malware infection in its systems and its internal investigation suggests that hackers could have stolen customer information and personal data.
“We confirmed the presence of malware on several of our company’s work computers, and as a result of an internal investigation, it was discovered that files containing personal information and customer information could be illegally taken out,” the company said in a statement.
After confirming the malware’s presence, the company immediately disconnected the affected business computers.
“According to the investigation, this incident is limited to Japan and to date, there has been no impact outside of Japan,” the company said.
Fujitsu didn’t reveal the type of malware used, the timing of the intrusion, or the extent and kind of data accessed by the attackers. It did say that it has “not received any reports” that indicate there’s been misuse of personal or customer information to date, but it’s “currently continuing to investigate the circumstances surrounding the malware’s intrusion and whether information has been leaked.”
The company said it’s notifying all affected parties individually and that it’s informed the Personal Information Protection Commission to comply with regulations and prevent possible misuse of data.
Fujitsu is the sixth largest IT services provider globally, employs 124,000 individuals, and has an annual revenue of $23.9 billion. The company’s diverse portfolio spans computing products such as servers and storage systems, software, telecommunications equipment, and a range of services including cloud solutions, system integration, and IT consulting services.
This year has marked a significant year for data breaches, with the U.S. experiencing 336 publicly disclosed security incidents in January alone. These incidents led to the breach of more than 78 million records.
The most substantial breach so far, braided as the “Mother of All Breaches,” involved the consolidation of 26 billion records from multiple previous breaches into a single data source.