Fujitsu has warned that cybercriminals may have stolen files containing personal and customer data after discovering malware on its computer systems.
The company at the center of the UK Post Office scandal said in a Japanese press release that it had discovered malware on its computers and that customer data may have been stolen, and apologized for any concern or inconvenience caused.
The press release (a Google-translated version can be read here ) is somewhat lacking in details.
For example:
- Fujitsu did not disclose the malware discovered, the number of computers affected or the internal systems or databases accessed.
- Fujitsu did not specify the type of malware found – a remote access backdoor? Ransomware? Is there something else?
- Fujitsu did not disclose details about the stolen information, describing it as “personal information and customer information.” For example, does it contain contact information, passwords, or payment information?
- Fujitsu announced a cyberattack on Friday, March 15, but did not elaborate. when How long it took for it to be discovered or for hackers to gain access to its systems and data.
Fujitsu said it had reported the incident to regulators and would contact affected individuals and customers.
The company also said it had not seen any reports of possible misuse of stolen information. Statements like these are meant to reassure affected parties, but they don’t make you feel more comfortable in reality.
Lack of evidence does not equate to non-existence of evidence. How can a company confidently and honestly claim that it has indisputable evidence that the leaked data was not exploited by malicious hackers and online fraudsters?
In the past, there have been many incidents where the information stolen by hackers did not show up immediately, but appeared on the dark web months or even years later.
