A number of confidential files belonging to multiple Japanese government entities were stolen after attackers gained unauthorised access to projects that used ProjectWEB,

ProjectWEB is a SaaS platform for enterprise collaboration and file platform that Fujitsu has operated in which a number of agencies within the Japanese government currently use. Fujitsu’s Projectweb enables companies and organizations to exchange information internally, with project managers and stakeholders,

Japanese press reported that the attackers stole documents that contained more than 76,000 email addresses for employees and contractors for the Ministry of Land, Infrastructure, Transport, and Tourism.

NISC triggered multiple advisories alerting government agencies and critical infrastructure organizations using Fujitsu’s tool to check for signs of unauthorized access and information leakage. 

Fujitsu decided to shut down the ProjectWEB platform to investigate the ‘scope and cause’ of the breach following the pressure from NISC and apologized “for the great concern and inconvenience” the breach caused its customers. 

This is the second cyber incident the government of Japan has suffered in a month. In late April, a malicious campaign exploited two flaws, tracked as CVE-2020-5639 and CVE-2021-20655, in the popular file-sharing server FileZen to steal sensitive data from businesses and government organizations as part of a global hacking campaign that affected the Japan Prime Minister’s Cabinet Office.