TLDR:
In a cybersecurity breach, Fujitsu exposed private client data, passwords, and AWS keys in a public Microsoft Azure storage bucket for nearly a year. The data breach included sensitive information about clients like Centrica and Dutch water utility PWN. Even after the breach was disclosed, it took Fujitsu a while to take down the exposed bucket. The incident highlights the importance of cybersecurity measures and the risk of leaving sensitive data exposed to the public internet.
Article Summary:
A security researcher from the Dutch Institute for Vulnerability Disclosure, Jelle Ursem, discovered that Fujitsu had exposed private client data, passwords, and AWS keys in a public Microsoft Azure storage bucket for almost a year. The breach included sensitive information from clients such as Centrica and Dutch water utility PWN. Despite the breach being disclosed, Fujitsu took a while to react and remove the exposed bucket from the public internet.
Fujitsu, a multinational IT services provider, serves UK clients like the Post Office and Ministry of Defence. In 2022, the company landed a substantial contract to run secure networks for Britain’s diplomats. This incident raises questions about the company’s cybersecurity measures and the potential risks of leaving sensitive data exposed.
The breach highlights the need for organizations like Fujitsu to have robust cybersecurity protocols in place to protect client data and prevent unauthorized access. It also serves as a reminder of the importance of regular security assessments and monitoring to detect and address vulnerabilities before they are exploited.
Overall, the Fujitsu data breach underscores the ongoing challenges faced by organizations in safeguarding sensitive information in an increasingly digital and interconnected world. The incident serves as a cautionary tale for businesses to prioritize cybersecurity and implement measures to prevent similar breaches in the future.