Mitsubishi companies hit by cyber attack, ransomware

This month, multiple subsidiary companies of the Japanese motor giant Mitsubishi have been hit by a series of cyberattacks.

Mitsubishi Electric has been reportedly hit by a data breach, whereas Dopple ransomware ops claim they had stricken the systems of Mitsubishi Polycrystalline Silicon America Corporation this month.

Mitsubishi Electric hit by another data breach

Mitsubishi Electric has fallen victim to a cyberattack a second time since January this year, according to a report.

Yesterday, the company’s executives said they were verifying details of 8,653 accounts involved in business transactions to assess the impact of the breach, and if sensitive banking information was leaked.

In the January attack, “highly confidential information” from public sectors including defense, railways, and electric power supply had been reportedly stolen.

Mitsubishi Polycrystalline plant allegedly hit by ransomware

As observed by Security Report, the leak site of Dopple ransomware ops lists a small number of files that appear to belong to a Mitsubishi Polycrystalline production facility in Alabama.

Dopple operators leaked a total of 5 documents on November 5, 2020, indicating the breach had occurred on or before this date.

The latest timestamp present on one of the leaked employee timesheets is September 28, 2020.

However, based on the small number of leaked documents with limited information as seen by Security Report, it appears the cyberattack was limited to a single facility, maybe even an isolated workstation.

At this time, not much information is available as to what steps Mitsubishi companies have taken to prevent future breaches like these.

The repeated attacks on Mitsubishi companies seem to be work of skilled threat actors, given Mitsubishi plays a major role in powering Japan’s national security systems and infrastructure.