Photo/Illutration Narita Airport (Asahi Shimbun file photo)

A hacking attack on users of an information-sharing tool provided by Fujitsu Ltd. accessed government agency data including 76,000 transport ministry email addresses and Foreign Ministry documents on how to realize a digital government.

The email addresses of transport minister Kazuyoshi Akaba and other ministry officials as well as members of an expert panel and related business operators were among those leaked, according to the transport ministry.

The National Center of Incident Readiness and Strategy for Cybersecurity (NISC), the transport ministry and the Foreign Ministry revealed the information leaks on May 26.

A hacker gained unauthorized access to ProjectWEB, a tool managed and operated by Fujitsu that allows clients to share data on their projects, according to the firm.

Its main users were government agencies and companies that are working on the system development with Fujitsu, the leading Japanese provider of information technology communication systems.

Narita International Airport Corp. had also used the ProjectWEB tool. It announced on May 20 that documents concerning the system that manages flight information of aircraft at Narita Airport were likely to have been leaked.

Fujitsu began an investigation after detecting a possible unauthorized access to the tool on May 6.

It found that information of multiple clients was stolen and announced the theft on May 25. Fujitsu stopped operating the tool and is trying to determine how and why the leaks occurred.

A Fujitsu official declined to give details on which organizations were affected and the leaked data, saying the company could not respond to any questions concerning its clients.

An NISC official said the center has so far confirmed a leak of data on devices that comprise its information system.

“We’ve already taken measures to prevent a further leak,” the official said. “We haven’t found any damage caused by the unauthorized access at this point. The incident did not cause glitches in the system or affect related operations.”

The NISC carries out policies to prevent data leaks from government agencies and companies. It alerted government organizations and infrastructure providers on May 24 following the revelation of the information leak.

The data leaked at the transport ministry include information about internal emails and its internet system, but the texts of emails and information concerning its operations have not been stolen, according to the ministry. The leak did not affect its operations, the ministry said.

The Foreign Ministry announced that documents used to consider how to achieve a digital government, which the ministry is promoting, were leaked.

The documents list the names of 63 people outside the ministry and organizations they belong to as well as email addresses of some of them. The ministry has not disclosed the names of organizations the 63 people belong to.

The ministry said that it notified all the affected people of the data leak and that it has not received reports of any damage from the incident.

Fujitsu issued a comment deeply apologizing for the leak and said it will do its utmost to provide support for affected clients.

Related News