Fujitsu’s file and information sharing portal ProjectWEB has been taken offline following a reported data breach. Multiple government agencies in Japan have announced that the attackers had obtained information stored with ProjectWEB. The Ministry of Land, Infrastructure, Transport, and Tourism confirmed that at least 76,000 email addresses, along with proprietary information, had been accessed. Japan’s National Cyber Security Center (NISC) has issued multiple advisories to alert government agencies and critical infrastructure using ProjectWEB to look for signs of unauthorized access or stolen data.
Fujitsu has stated through a press release that they will be notifying authorities while working with customers to identify the cause of the breach. When reached out to by BleepingComputer, a spokesperson for Fujistu replied “Fujitsu is currently conducting a thorough review of this incident, and we are in close consultation with the Japanese authorities. As a precautionary measure, we have suspended [the] use of this tool, and we have informed any potentially impacted customers.”