In a press release dated November 26, 2021, the electronics giant Panasonic disclosed an ongoing security incident. The press release states that a malicious third party breached their internal network on November 11, 2021. After determining that "some data on a file server had been accessed during the intrusion," authorities were alerted by Panasonic.
Additionally, the company began utilizing security measures to "prevent external access to the network," as well as bringing in third party security experts to see the extent of the damage, especially with regards to the data breach (namely how sensitive the data was).
In a strange twist, Japanese media outlets like NHK have also reported that the breach may have actually been longer than disclosed. Panasonic claims the breach occurred in the month of November, however, NHK states that the breach was actually as far back as June 22. Even stranger, NHK claims that the breach ended on November 3rd, a full week before Panasonic states that the actual incident happened. Furthermore NHK claims that more information than just customer data was accessed, specifically naming data like technical files and information on Panasonic's partners.
These reports in the media, and how they differ from Panasonic's official press release, has drawn reaction from leaders in the cybersecurity community. In an interview with Infosecurity Magazine's Sarah Coble, co-founder and CTO of BreachQuest, Jake Williams, had this to say:
"NHK reported that internal network monitoring was the source of the incident detection, seemingly implying that the depth of intrusion is more than a misconfigured external server. Taken at face value, this means that Panasonic likely has some work ahead to threat hunt in its network before fully understanding the scope of the compromise... This stands in stark contrast to cases where a simple misconfiguration on a server allow a threat actor access to excessive data."
Whatever the truth is in this case, Panasonic has clearly experienced a severe security breach and anyone affiliated with the company should take extra security precautions.
Featured image: Wikimedia Commons/KishujiRapid