The Panasonic data breach was orchestrated by threat actors who infiltrated the company’s file server over four months ago and had unfettered access ever since.
The Panasonic Data Breach Leaves Some Questions Open
The incident affecting the tech giant raises questions, according to researchers. More than two weeks after its discovery, it’s still unclear if customer records were compromised.
On Friday, the company confirmed that its “network was illegally accessed by a third party on November 11, 2021,” and that “some data on a file server had been accessed during the intrusion.”
“Panasonic is currently working [to] determine if the breach involved customers’ personal information and/or sensitive information related to social infrastructure,” it added.
Panasonic did not provide many details on the data breach in the way of technical info or timeline. However, local reports picked up by the Record disclosed that the breach had been going on since June, giving attackers plenty of time to snoop around and steal whatever information they wanted.
The NHK news outlet also noted that “in addition to information about the company’s technology and business partners, personal information of employees was stored on the server….the company says that the leakage of information to the outside has not been confirmed at this time,” according to its sources [translation via Google Translate].
The Incident Might Spiral Into Bigger Attacks
Jake Williams, co-founder and CTO at BreachQuest, expects the infiltration to result in larger attacks.
“As is typical in these early-stage incident reports, there are many unknowns,” he said via email. “In this case however, there are already red flags. NHK reported that internal network monitoring was the source of the incident detection, seemingly implying that the depth of intrusion is more than a misconfigured external server…Those [misconfiguration] cases at least have localized impact because there is no threat of threat actor lateral movement deeper into the network.”
John Bambenek, principal threat hunter at Netenrich, pointed out that the four-month gap between the Panasonic data breach and detection is concerning.
“While attacks on Japanese companies are continuing, the fact that the initial infection occurred in June and wasn’t detected until November demonstrates that companies are continuing to lag behind attackers,” he said via email. “Breaches need to be detected in hours, not months.”
However, Eddy Bobritsky, CEO at Minerva Labs, had something else to say regarding the reported timeline.
“Although their investigation hasn’t been completed yet, Panasonic seems to be lucky here as they were able to detect the breach relatively quickly,” he said. “According to…IBM’s ‘Cost of Data Breach 2021’ report, on average it took 287 days to identify and contain a data breach.”
Not The First Attack To Hit Panasonic
The latest security incident comes after a ransomware attack on Panasonic India last year, which resulted in email addresses and financial information being leaked. Panasonic made it to a long list of Japanese giants hit by recent cyberattacks, including Kawasaki, Kobe Steel and Pasco, Mitsubishi Electric, Olympus, and NEC.
However, the incident is surrounded by mystery, since it’s unclear whether more details will surface. “Panasonic likely has some work ahead to threat hunt in its network before fully understanding the scope of the compromise,” BreachQuest’s Williams said.
No Business Is Safe From Data Breaches
A data breach is more than that moment in time that compromised your network. Its consequences extend over very long periods of time.
Every company faces countless attacks daily. Increase your business’s value by implementing a robust cybersecurity system, establishing a data breach response plan, and preparing your employees with a strong security awareness training program.
Most data breaches start with phishing emails.
Over one billion phishing emails are sent out each day, and many of them bypass security filters. Thus, you need to be able to rely on your employees to stay vigilant and spot phishing scams.
You can successfully defend your business partly by training your employees on cybersecurity matters and especially phishing attacks, and partly by adopting more rigorous security measures, such as implementing multi-factor authentication and user behavior analytics.
Researching the latest phishing trends and strategies and adequately training your employees can be a hassle, so leave it to professionals.
ATTACK Simulator’s Security Awareness Training program will help you equip your employees with the necessary security knowledge and up-to-date security practices to keep your company safe from scammers and avoid potentially irreparable damage.