
Cyber Incident Victim: Kawasaki Heavy Industries, Ltd.

Date: Sep 2019

Location: Japan

Summary

Kawasaki Heavy Industries experienced unauthorized external access resulting in potential leakage of information from overseas offices, though no evidence confirmed external data transmission. The breach involved stolen administrator credentials from domestic systems, enabling prolonged fraudulent access across multiple domestic and international offices. Initial detection of abnormal activity prompted an investigation that identified the compromise's extensive scope, which complicated incident disclosure timelines. The company acknowledged delays in public notification due to the incident's complexity and breadth but confirmed implementing responsive measures following the investigation.


Description

Unauthorized external access to Kawasaki Heavy Industries' systems was first identified in June 2020, though forensic investigations later determined that fraudulent access had occurred since at least September 2019. The attackers compromised administrator IDs and passwords for the company's domestic systems, enabling persistent access across multiple company locations. This breach spanned both domestic Japanese offices and international operations, complicating the investigation process and delaying the formal public announcement until December 28, 2020. Kawasaki's investigation confirmed that information from overseas offices may have been exfiltrated to external parties, though no evidence suggested domestic data had leaked outside the network. The company acknowledged the significant time required to assess the incident's full scope across geographically dispersed operations as a primary factor in its delayed disclosure.


Kawasaki Heavy Industries implemented responsive measures following the June 2020 detection of abnormal activity, though specific technical containment actions weren't detailed in their public statement. The firm conducted a thorough forensic examination that confirmed credential compromise as the attack vector but couldn't definitively establish whether all accessed data had been transferred externally. No operational disruptions to manufacturing or business activities were reported as a direct consequence of the breach. The company issued a public apology for both the security incident and the communication delay, citing concerns about potential inconvenience to customers and business partners. Their transparency included confirmation of the nearly 10-month gap between initial intrusion and detection, alongside the six-month investigation period preceding disclosure.
