Motorcycle maker Kawasaki has issued a statement saying it suffered a breach earlier this year that may have compromised “information from overseas offices.” The attackers used advanced techniques to erase their tracks, the Japanese company said.
“Kawasaki Heavy Industries, Ltd. announced that it was subject to unauthorized access from outside the company,” reads the announcement.“As a result of a thorough investigation, the company have discovered that some information from overseas offices may have been leaked to external parties.”
The company claims it found no evidence that information was leaked to the external network. Since the unauthorized access spanned several local and overseas offices, though, the bike maker refrained from making the breach public until it could gather enough data to issue a formal statement.
“We sincerely apologize for this delay and for the inconvenience and concern to customers and other related parties,” the company states.
The first signs of attack emerged in June when “an internal system audit revealed a connection to a server in Japan from an overseas office (Thailand) that should not have occurred,” Kawasaki said in a press release issued yesterday.
Similar connections subsequently emerged from offices in Indonesia, the Philippines and the United States, prompting the company to enhance monitoring to accesses from overseas offices and tighten access restrictions.
“Since then, we have continued to strengthen company-wide security measures,” Kawasaki states, following with a table of events spanning from June to December.
The impact on the firm’s operations seems to have been marginal, but according to the same announcement, the unauthorized access was “carried out with advanced technology that did not leave a trace.”
The company has hired a team of independent security experts and put together its own Cyber Security Group (established in November) to “strengthen security measures, analyze the latest unauthorized access methods [and] prevent recurrence.”
The Japan Times reported that the attackers managed to get their hands on “the administrator identification and password of the company’s domestic system.”