Japan says defense data possibly breached after cyberattacks on Mitsubishi Electric

FILE PHOTO: A logo of Mitsubishi Electric Corp is pictured at the 28th Japan International Machine Tool Fair in Tokyo, Japan, November 17, 2016. REUTERS/Toru Hanai

TOKYO (Reuters) - The Japanese defense ministry said late on Monday that sensitive data on defense equipment may have been breached as a result of cyberattacks on Mitsubishi Electric Corp, a major supplier of the country’s defense and infrastructure systems.

The company has told the ministry that potentially stolen data included requirements for defense equipment that the ministry specified for contract bidders in October 2018, the ministry said in a statement.

The ministry said it was still in the process of investigating the security impact of the potential leak. Mitsubishi Electric did not win the contract in the auction.

Mitsubishi Electric initially denied the possibility of a breach of sensitive defense and infrastructure data when it first reported on the 200-megabyte cyberattacks by a third party on Jan. 20.

But subsequent checks at the company revealed that the defense ministry’s information that required special care was included in data potentially stolen by the attacks, Mitsubishi Electric said in a separate statement on Monday.

The company has said it first discovered the cyberattacks in June last year, more than half a year before it disclosed them to the public.

Reporting by Makiko Yamazaki; Editing by Jacqueline Wong