NEC Corp. said Friday it has come under major cyberattacks over several years through 2018, resulting in unauthorized access to 27,445 files, including those related to business with the Defense Ministry.
The company said it has not confirmed any damage such as leakage after the attack on the files, which are saved on its servers used in defense-related and other businesses. Highly classified information, such as proposals to clients, was kept at a remote, unconnected location, it said.
The case added to concerns about Japan's cybersecurity, following a similar attack on Mitsubishi Electric Corp., which admitted this month that some classified information was leaked. The company is also a key player in the country's defense and infrastructure industries.
Government and other sources said earlier that personal computers and servers at NEC headquarters and other offices of the Japanese electronics company were targeted.
The classified data included technical proposals made by the firm to the Maritime Self-Defense Force on submarine sonar, they said.
(NEC headquarters in Tokyo's Minato Ward in March 2015)
"We deeply apologize for causing great worries and concerns to stakeholders," the company said in a statement.
At NEC, part of the log files that keep records of access to servers and systems were deleted, the sources said. The company has taken steps to fix the vulnerability of its networks.
The Acquisition, Technology and Logistics Agency, which works for the Defense Ministry, said information that the ministry needs to protect has not been stolen.
NEC said it suspended its network in June 2017 after confirming unauthorized communications from an outside server to its computer. In July 2018, it managed to decode the encrypted communications and confirmed the unauthorized access.
An investigation later found that personal computers at a subsidiary were infected with malware that subsequently led to entry into the network at the headquarters, the sources said.