The Japanese electronics giant Mitsubishi Electric disclosed a hack last week. It now turns out that the attackers exploited a vulnerability in their antivirus program for the attack. Specifically, they exploited a zero-day bug in the Trend Micro OfficeScan antivirus.
The Japanese vendor Mitsubishi Electric declared a network hack last week in a press release. As revealed at the time (through the translated version of the press release), their network suffered the attack in June 2019. As a result, their system exposed data to the attackers, including “personal information and corporate confidential information”. They did specify that the incident did not expose any important data relating to business partners. However, they did not reveal much technical detail about the incident.
Then in an updated press release, they confirmed that the incident occurred due to unauthorized access to their network and may have leaked some “trade secrets”.
According to the (translated version of) the press release, some 200 MB of files was exposed that included data such as employment applicant information (1987 people), employee information (4566 people), and data related to retired employees of affiliate companies (1569 people). It also included some corporate data such as “technical material, sales materials, etc.”.
Furthermore, they also explained the cause behind the attack, which turned out to be a bug in their antivirus. As stated (translated),