Notice regarding results of security incident investigation

Fujitsu Limited

Kawasaki, July 9, 2024

Fujitsu discloses the investigation results and the measures undertaken regarding an incident involving the possible risk of information leakage, including personal information, in Japan, which was previously announced on March 15, 2024. Customers affected by this matter have been informed separately. Fujitsu wishes to offer its sincere apologies once again to its customers for the concern and inconvenience caused by the incident.

1. Results of the investigation

To identify the scope of the impact and the cause of this incident, Fujitsu and external security experts conducted a comprehensive investigation, including a careful review and analysis of log information and interviews with internal stakeholders. Below are the findings.

1) Behavior and Scope of Malware
The investigation confirmed that the malware was initially stored on one of Fujitsu's business PCs and then spread to other business PCs. This malware was particularly difficult to detect as it used sophisticated techniques to evade detection, unlike ransomware.

Following a comprehensive investigation, it was confirmed that the number of infected business PCs and the number of other devices where the copy instruction command was executed, and information was transferred, was no other than the 49 PCs initially detected. These devices were all used within Fujitsu’s internal network in Japan, and the investigation has not detected any impact on business PCs connected to network environments outside of Japan.

The affected computers were not managed through the cloud services provided by Fujitsu. Additionally, no trace of access to the services provided by Fujitsu to customers was found. The investigation concluded that the damage did not spread outside of the company’s business computers, including to customer’s network environments.

2) Extent of information leakage
The investigation into various logs (communication logs and operation logs) held by Fujitsu confirmed that some files could have been fraudulently taken out due to the malware’s behavior, and commands for replication instructions were executed. These files contained personal or business-related information about certain customers, who have been informed separately and necessary actions taken. At present, Fujitsu has not received any reports of misuse of personal or information related to customer’s business.

2. Actions, Countermeasures

Fujitsu is already enacting the following measures in response to this incident:

1) Isolating and removing all business computers suspected of being compromised from the internal network environment after detecting suspicious activity.

2) Preventing attackers from connecting to the external server that was the source of the intrusion.

3) Studying patterns in the characteristics of this malware attack method, implementing security monitoring rules to all business PCs and enhancing virus detection software functions and updates.

Fujitsu will continue to strive to further strengthen its information security measures.

About Fujitsu

Fujitsu’s purpose is to make the world more sustainable by building trust in society through innovation. As the digital transformation partner of choice for customers in over 100 countries, our 124,000 employees work to resolve some of the greatest challenges facing humanity. Our range of services and solutions draw on five key technologies: Computing, Networks, AI, Data & Security, and Converging Technologies, which we bring together to deliver sustainability transformation. Fujitsu Limited (TSE:6702) reported consolidated revenues of 3.7 trillion yen (US$26 billion) for the fiscal year ended March 31, 2024 and remains the top digital services company in Japan by market share. Find out more:

Press Contacts

Fujitsu Limited
Public and Investor Relations Division

Date: 9 July, 2024
City: Kawasaki, Japan
Company: Fujitsu Limited
Top of Page