Panasonic Becomes Victim of a Serious Data Breach
Late last week, technology manufacturing giant Panasonic announced a data breach. The incident was spotted in the middle of November 2021 and was publicized in an official press release from the company.
According to the press release, Panasonic became aware of unauthorized access to what is described as "some data on a file server". The data in question was not discussed in the release, but a Japanese news outlet covering the data breach wrote that the server allegedly contained data related to Panasonic technology and business partners.
What is even more worrying is that in an exchange with TechCrunch, Panasonic stated the breach was noticed on November 11. However, it seems this is not a single point in time when it happened. According to another Japanese news site, the actual breach took place several months earlier. The servers were first accessed in June 2021 and the bad actor managed to stay undetected and fly under the radar for months before the issue was spotted and taken care of in November.
The fact that the breach went unnoticed for such a long time indicates a high level of proficiency on part of the hackers, or a relative carelessness on part of Panasonic, but considering the potentially sensitive information stored on the compromised servers, the former seems more likely.
In the piece published by one of the Japanese news websites covering the breach, Panasonic was quoted saying that it "cannot deny the possibility of a serious incident". Whether this means ransomware was involved in the attack or sensitive information was exfiltrated is anyone's guess.
Panasonic has duly informed the respective authorities and has also engaged an external security firm to assist them with the situation and improve security in the future.
Seeing companies as big as Panasonic become victims of similar data breach accidents only serves to remind us that nobody is too big to fall and it would seem no security measures are too much for resourceful hackers. This only means networks should be monitored closely so that similar incidents can at least be spotted as soon as humanly possible.