Tech giant Panasonic has confirmed that one of its servers suffered a data breach which saw the personal information of job applicants accessed by an unauthorised party.
The security breach, which saw hackers illegally access a Panasonic file server located in Japan via an overseas subsidiary, began on June 22 2021, and only ended on November 3 2021.
Panasonic confirmed the hackers had accessed sensitive data of job candidates this week, having previously only referred to "some data" having been accessed during the intrusion.
Now we know that the following data was accessed:
Panasonic says that no files related to or containing personal information about individual customers were found to be hosted on the hacked server.
What we are not told, however, is just how many people may have had their personal information fall into the hands of cybercriminals. One can only assume that the company doesn't think it would be helpful to share that particular detail, and presumably is hoping that the world will be imagining that it is a smaller figure than it actually is.
Affected individuals who had applied for jobs or internships at the company are being informed, as are business partners who may have had business-related information exposed by the security breach.
Panasonic says that it has strengthened its security in the wake of the attack:
"After detecting the unauthorized access, the company immediately reported the incident to the relevant authorities and implemented security countermeasures, including steps to prevent external access to the network. Panasonic would like to express its sincerest apologies for any concern or inconvenience resulting from this incident."
It's not the first time Panasonic has suffered at the hands of hackers. In November 2020, attackers released 4GB of data they had stolen from Panasonic India, including outstanding account balances with suppliers, bank account details, spreadsheets, and lists of passwords.
As yet there is no indication that any of the data stolen in the latest attack has been leaked online.
Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s.View all posts
May 16, 2023
March 10, 2023