[BreachExchange] Japanese drug firm Shionogi hit by cyberattack and data breach

Destry Winant destry at riskbasedsecurity.com
Mon Oct 26 10:13:25 EDT 2020


https://www.japantimes.co.jp/news/2020/10/23/business/corporate-business/japan-shionogi-cyberattack-data-breach/

Japanese pharmaceutical firm Shionogi & Co. said Thursday that its
Taiwanese subsidiary was hit by a cyberattack earlier this month
leading to a data breach, although no information regarding the novel
coronavirus vaccine it is currently developing was leaked.

According to the company, import licenses for medical equipment and
employee residency permits were released on the "dark web" after a
computer in its Taipei sales office was infected with a virus in
mid-October.

The attacker has threatened to release more information unless a ransom is paid.

Shionogi said there have been no indications of unauthorized access
among its computers at laboratories and offices within Japan.

While clinical trials are carried out in Taiwan, the local subsidiary
does not deal with matters involving cutting-edge technology or
personal information, it said.

Japan has not been immune to the spate of cyberattacks targeting
research institutions developing coronavirus vaccines worldwide.

A U.S. information security firm said Monday some Japanese research
institutions involved in coronavirus vaccine projects had experienced
attempted cyberattacks since April. Based on the techniques employed,
they suspect a Chinese hacker group is behind the attacks.

Attacks using ransomware, a type of malware that threatens to publish
the victim's data unless money is paid, has been on the rise in Japan.

Nobuo Miwa, president of information security firm S&J Corp. in Tokyo,
warned that "Information about a vaccine is appealing for criminals
after money."


More information about the BreachExchange mailing list