Panasonic Confirms Hackers Accessed Personal Information – Security Expert Comment

News has broken that Panasonic has confirmed that hackers accessed personal information belonging to job candidates and interns during a November cyberattack. 

At the time of the initial breach, which began June 22nd and ended November 3rd, and went undetected until November 11th, the tech giant was unable to say whether hackers had accessed any sensitive information. However, in an update published late last week, Panasonic confirmed personal information was accessed. 

The update also confirmed that the adversaries obtained files containing unspecified “business-related information” provided by business partners, as well as information about business partner personnel. 

Subscribe
Notify of
guest
1 Expert Comment
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Danny Lopez
Danny Lopez , CEO
InfoSec Expert
January 12, 2022 11:49 am

<p dir=\"ltr\"><span style=\"font-family: arial, sans-serif;\">Reports confirming hackers gained access to Panasonic’s networks and personal information for job candidates and interns are troubling given the ramifications if the data falls into the wrong hands.</span></p>
<p dir=\"ltr\"><span style=\"font-family: arial, sans-serif;\">Organisations need to adopt robust processes for onboarding and offboarding employees and affiliates that may receive access to key information systems. It\’s vital to control privileged access and to monitor those that enjoy that administrator privilege. Ensuring that multi-factor authentication is enforced wherever possible, is a vital defence where user credentials find their way into the public domain. This will help to limit the blast radius, and in most cases, defeat the data breach.</span></p>
<p dir=\"ltr\"><span style=\"font-family: arial, sans-serif;\">Attacks like these caused by illegal access demonstrate that a traditional castle-and-moat approach to network security leaves organisations exposed. Zero trust security sees the world differently. No one is trusted by default, regardless of whether they are inside or outside a network. In a world where data can be held amongst multiple cloud providers it is crucial to strengthen all processes relating to access verification. Without a zero trust approach organisations run the risk of attackers having a free reign across a network once they are inside.</span></p>

Last edited 6 months ago by Danny Lopez
Information Security Buzz
1
0
Would love your thoughts, please comment.x
()
x