Japanese technology giant Panasonic confirmed its Canadian operations were hit by a cyberattack in February that impacted internal systems, processes and networks.
In a statement to TechCrunch, Panasonic spokesperson Airi Minobe said, “We took immediate action to address the issue with assistance from cybersecurity experts and our service providers. This included identifying the scope of impact, containing the malware, cleaning and restoring servers, rebuilding applications and communicating rapidly with affected customers and relevant authorities.” The company did not confirm if the incident was the result of a ransomware attack, what data was accessed, or how many people were impacted by the data breach.
However, the Conti ransomware-as-a-service group allegedly claimed responsibility for the cyberattack and claimed to have more than 2.7 gigabytes of data from Panasonic Canada. Conti’s leak page appears to have Panasonic internal files, spreadsheets and documents belonging to HR and accounting departments.
Panasonic says they are working to restore operations and understand how the incident impacted customers, employees and stakeholders while making it a priority to work closely with affected parties to mitigate the impacts of the cyberattack.
The incident is the second time in less than six months for the company. In November 2021, the company confirmed that a third party had illegally accessed its network and data.
“Panasonic is not alone,” says Danny Lopez, CEO of Glasswall. Ransomware attacks across all industries are on the rise. According to SonicWall’s 2022 Cyber Threat Report, governments worldwide saw a 1,885% increase in ransomware attacks, and the health care industry faced a 755% increase in those attacks in 2021. Similarly, the FBI’s Internet Crime Complaint Center reported 2,084 ransomware complaints from January to July 31, 2021. This represents a 62% year-over-year increase.
To counter the rise in cyberattacks, Lopez suggests organizations need to adopt robust processes for onboarding and offboarding employees and affiliates, invest in cybersecurity protection services and adopt a zero trust approach. “Zero trust security sees the world differently. No one is trusted by default, regardless of whether they are inside or outside a network. Without a zero trust approach, organizations run the risk of attackers having a free reign across a network once they are inside. This will help limit the blast radius and defeat the data breach.”
Amit Shaked, CEO and co-founder of Laminar, believes organizations must have complete data observability and adopt a data-centric approach to security to safeguard against data breaches. “Doing so helps security teams understand where an organization’s most sensitive data is, whether or not it has proper controls in place, and whether it is being monitored,” Shaked says.