Mitsubishi Electric discloses data breach, possible data leak (Jan 21, 2020)
The Japanese multinational electronic and electrical manufacturer Mitsubishi Electric has released details on a data breach that occured six months ago in June of 2019. The information relates to Personal Identifiable Information (PII) of customers and corporate confidential information. Allegedly, the threat actors behind the compromise gained access to the systems of an affiliated company in China and conducted a supply-chain compromise to breach Mitsubishi computer networks with hijacked accounts. The data leaked involves addresses, DOB, employment history, names, telephone number etc. The suspected threat group for the breach in the Chinese group, TICK (aka BRONZE BUTLER or REDBALDKNIGHT).
Recommendation: Leaks of this sort may cause affected individuals to be at a greater risk of phishing attacks. Actors can use this information to craft custom emails to increase their chances of malicious activity being approved by the recipient. Individuals who have accounts associated with this incident should change their passwords as soon as possible, particularly if passwords for said accounts are the same to other online accounts. Individuals should also regularly monitor their credit reports for suspicious activity or consider an identity theft protection service.
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.