Hackers access file server of Panasonic after the recent data breach

Panasonic, the Japanese Giant has said that hackers have accessed personal data of interns and job candidates in the November cyberattack. The first attack on their network was identified by Panasonic on November 26th, 2021.

However, Panasonic wasn’t able to figure out if the hackers were able to access the sensitive personal data associated with the company. In a recent update published by Panasonic, the firm has confirmed that the hackers have obtained access to sensitive personal information of the job candidates and interns. The company has already notified those that were affected by this data breach.

Details of the Panasonic Data Breach

Once the unauthorized access to file server was confirmed, Panasonic established a special team to investigate, analyze and respond to the situation. After a detailed analysis, it was found that a unknown third-party has illegally gained access to their file server in Japan through another sever from a subsidiary that is located somewhere outside of Japan. However, the accessed files haven’t found to be leaked in the web, and Panasonic is doing everything to avoid such act in future.

The file server had information about job candidates, interns and their complete personal details related to their job application with the firm. Along with these data, Business partner details were also in the file server, and the same is communicated to the partners who are affected by the breach.

After the breach, Panasonic increased their security posture further by hardening access controls, updating passwords, hardening server monitoring and privilege access controls for their critical and moderate network devices. Furthermore, security consultants and compliance team are working to keep these security postures high and will continue to do so in future by limiting unnecessary admin privileges.

Ransomware Prequel to Panasonic Data Breach

Panasonic data breach that happened in November had a prequel to the story, when Panasonic’s Indian Subsidiary was hit by a ransomware attack and around 4 GB of data was leaked on web, including email credentials and financial data. A ransom of 500,000 USD was demanded for the attack in seven days time. An option of 40,000 USD to access the company accounts was given as a concession.

A security firm called Resecurity communicated with the threat actors on behalf of Panasonic to established a conversation and see the actor’s motive behind the ransomware attack. They try to look for conversations via dark web forums. Russian forums, and other platforms to strike the conversation.

After some research and analysis, it was found that the threat actor is Russian. He tried to encrypt the files, then extort it, if the extortion fails they try to sell the access and data to their peers.

On the other hand, New Year has already brought a new ransomware variant ‘Night Sky’ targeting corporate companies and demanding 800k ransom, so it is important to ensure you security posture is at high level in 2022 as more such threats are predicted to damage organizations this year.

Subscribe to our newsletter for daily alerts on cyber events, you can also follow us on Facebook, Linkedin, Instagram, Twitter and Reddit.

You can reach out to us via Twitter or Facebook, for any advertising requests.