Headline News – The incident affected the Ministry of Land, Infrastructure, Transport and Tourism, Ministry of Foreign Affairs, Cabinet Office and Narita Airport. The stolen data included files stored by government employees on the cloud-based collaboration and file sharing platform ProjectWEB, which was launched by Fujitsu in the mid-2000s and was very popular among Japanese civil servants.
According to Japanese media reports, hackers stole documents containing employees of the Ministry of Land, Infrastructure, Transportation and Tourism and extended more than 76,000 email addresses, but the government did not confirm this information.
Background: ProjectWEB is a a cloud-based enterprise collaboration and file-sharing platform that Fujitsu has operated since the mid-2000s, and which a number of agencies within the Japan government currently use.
One of the possibilities of data leakage in this accident:
If daily operation in many small projects will go through web base management system. Furthermore, daily communication between project managers and project members uses Excel to complete status management and quality management. If excel spreadsheet encounter design weakness (CVE-2017-0006, CVE-2017-0019, CVE-2017-0020, CVE-2017-0030, CVE-2017-0031, and CVE-2017-0053). Therefore, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document. As a result, the data breaches will be occurred.
Headline News – https://www3.nhk.or.jp/nhkworld/en/news/20210526_28/