Japanese Aerospace Firm Kawasaki Warns of Data Breach

2020-12-29T15:11:13
ID THREATPOST:C3AA314C117D9538E5F3A0C1B900B6AD
Type threatpost
Reporter Lindsey O'Donnell
Modified 2020-12-29T15:11:13

Description

Japanese aerospace company Kawasaki Heavy Industries on Monday warned of a security incident that may have led to unauthorized access of customer data.

According to the company’s data breach notification, it first discovered unauthorized parties accessing a server in Japan, from an overseas office in Thailand, on June 11, 2020. After terminating that access, the company throughout the following days in June discovered several other incidents of unauthorized access. Kawasaki said these stemmed from other overseas sites in Indonesia, the Philippines, and the United States.

Of note, while Kawasaki said that “some information from overseas offices may have been leaked to external parties,” the company has not yet found evidence of leaking information to the external network. However, the company said it is currently contacting customers who may have been affected by the unauthorized access.

2020 Reader Survey: Share Your Feedback to Help Us Improve

“Because Kawasaki handles important sensitive information such as personal information and social infrastructure-related information, information security measures have been a top priority for the company,” said the company’s data breach notice, posted on its website [PDF]. “However, the unauthorized access in question had been carried out with advanced technology that did not leave a trace.”

The multinational corporation primarily manufactures motorcycles, engines, heavy equipment, aerospace and defense equipment, rolling stock and ships. This includes production involvement for various aerospace equipment such as the Boeing 787 Dreamliner, P-1 Maritime Patrol Aircraft and the International Space Station Kibo, for instance. The company has also developed various manufacturing processes, used by various industrial plants for crushing raw materials (like limestone and clay) and burning and manufacturing cement.

Kawasaki has at least 34,000 employees across Japan, Asia, the Americas and Europe, as well as various subsidiaries, including Kawasaki Heavy Industries Motorcycle.

Further details of the specific data that’s potentially at risk, and further information of the unauthorized accesses themselves, were not disclosed. Threatpost has reached out to Kawasaki for further comment.

While the incident was first discovered in June, “due to the fact that the scope of unauthorized access spanned multiple domestic and overseas offices, it took a considerable amount of time until the company can formally announce the incident,” according to the company.

Following an unauthorized access from an overseas office in the United States, on July 8, Kawasaki added “additional restriction” to all overseas network connections. It then conducted a “security soundness” inspection of 26,000 terminals for its Japan and Thailand network connections. In October, the company confirmed via network monitoring that no further unauthorized access to the Japan office occurred after August.

“We have therefore enhanced monitoring operations to accesses from overseas offices and tightened access restrictions to block unauthorized accesses,” according to the company. “Since then, we have continued to strengthen company-wide security measures.”

In a separate security incident, Kawasaki warned that it has received reports of people receiving fraudulent emails. The messages pretended to be from recruiters from Kawasaki Heavy Industries Group in the United States.

“Should you unexpectedly receive any such emails, please thoroughly confirm the sender’s identity before deciding to respond,” said the company on its website. “There is risk of your personal information being obtained and misused if you reply to these emails or open any attached files. These emails may also be infected with computer viruses, therefore we ask you to be especially cautious.”

Download our exclusive FREE Threatpost Insider eBook Healthcare Security Woes Balloon in a Covid-Era World , sponsored by ZeroNorth, to learn more about what these security risks mean for hospitals at the day-to-day level and how healthcare security teams can implement best practices to protect providers and patients. Get the whole story and DOWNLOAD the eBook now – on us!